Site Information
WordPress Version: 7.0 ✓
Theme: gridlove (used by 1,027 domains)
Last Checked: 2026-06-20 01:14:23
HTTPS: ✅ Yes
Plugins (17)
| Plugin | Used By |
|---|---|
| alligator-menu-popup | 138 |
| bradmax-player | 311 |
| cf7-conditional-fields | 34,476 |
| contact-form-7 | 1,799,383 |
| credit-tracker | 136 |
| ics-calendar | 3,741 |
| instagram-feed | 231,833 |
| link-widget-title | 463 |
| marctv-mediaelement-tracking | 27 |
| meks-easy-social-share | 3,068 |
| meks-flexible-shortcodes | 4,169 |
| meks-smart-author-widget | 3,467 |
| meks-smart-social-widget | 3,993 |
| meks-themeforest-smart-widget | 2,442 |
| se-wp-fullcalendar | 0 |
| shapepress-dsgvo | 3,309 |
| username-changer | 2,273 |
Security Headers
F
Grade F
6 missing headers
Missing Headers:
- Strict-Transport-Security (HSTS) — Forces HTTPS connections ?
- Content-Security-Policy (CSP) — Prevents XSS attacks ?
- X-Content-Type-Options — Prevents MIME sniffing ?
- X-Frame-Options — Prevents clickjacking ?
- Referrer-Policy — Controls referrer information ?
- Permissions-Policy — Limits browser features ?
Exposed Files & Configurations
This domain has publicly accessible security-sensitive files or configurations:
- User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?
Need help securing your WordPress site? Contact us for a professional security audit.