How to interpret your WordPress security scan results

Hacker Target WordPress Security Scan will reveal crucial security information, but what does it all mean?

I have captured the critical elements of the scan below. Each item is described in plain English.

Exposed out of date WordPress Core

If you are seeing anything other than question marks for WordPress version your site is exposing that it is WordPress. It is probably in a vulnerable default setting.
The result above shows an out of date version of WordPress. Out of date versions could have known vulnerabilities that could be exploited.

The Google safe browse check should speak for itself if you see anything other than pass then you’ve got a serious problem.

 

Exposed out of date plugins

Ideally, you should not see a list of plugins. The example above shows two out of date plugins which again could expose a vulnerability.

 

Exposed WordPress theme

The WordPress theme is showing above. Again this should be hidden from view.

 

Exposed User IDs

If you can see the user IDs then you have a serious vulnerability. See my explanation of how easy it is to hack a site with this information.

 

exposed directory listing

Exposed directory listings

Exposed directory listings provide access to your file structure. Anyone could simply enter and view your data. Another potential problem is that Google or other search Engines could index content that you do not want to be made publically available.