29 Nov How to interpret your WordPress security scan results
Hacker Target WordPress Security Scan will reveal crucial security information, but what does it all mean?
I have captured the critical elements of the scan below. Each item is described in plain English.
Exposed out of date WordPress Core
If you are seeing anything other than question marks for WordPress version your site is exposing that it is WordPress. It is probably in a vulnerable default setting.
The result above shows an out of date version of WordPress. Out of date versions could have known vulnerabilities that could be exploited.
The Google safe browse check should speak for itself if you see anything other than pass then you’ve got a serious problem.
Exposed out of date plugins
Ideally, you should not see a list of plugins. The example above shows two out of date plugins which again could expose a vulnerability.
Exposed WordPress theme
The WordPress theme is showing above. Again this should be hidden from view.
Exposed User IDs
If you can see the user IDs then you have a serious vulnerability. See my explanation of how easy it is to hack a site with this information.
Exposed directory listings
Exposed directory listings provide access to your file structure. Anyone could simply enter and view your data. Another potential problem is that Google or other search Engines could index content that you do not want to be made publically available.