Philipp Heinze of the BlogSecurity team released a simple plugin to activate wp-scanner when testing your blog.
We know it's been a pain having to edit your template every time you want to run wp-scanner. The BlogSecurity team have released the wp-scanner plugin to address this challenge.
The installation instructions are as follows:
We hope this makes the process a little simpler.
If you are unable to get the scan working, please manually add the <– wp-scanner –> HTML comment into your theme’s index.php file.
[…] To run wp-scanner, please download the wp-scanner activator plugin. Once downloaded, simply activate it, launch the wp-scanner and then de-activate it once you're done. More detailed installation instructions are available here. […]
[…] BlogSecurity has released a WordPress plugin for wp-scanner. For some time now, wp-scanner has been checking whether the source code […]
Glad y’all got this put together. Sorry that I didn’t get around to doing it myself. :)
Geof, no problems :)
[…] new plugin by Philipp Heinze takes care of this HTML comment, so that you no longer have to manually […]
Your instructions list above says “Launch wp-scanner and run your test”. Those words are linked to a 404 and so I have no clue as to how I “launch” wp-scanner.
I have examined every possible part of the dashboard, and there is no mention of wp-scanner, except in the list of Plugins, naturally. And yes, I have activated it :)
Any ideas, suggestions, etc., most welcome….
I’m using WordPress 2.2.1
Michael, the launch link has been fixed. If you have enabled the plugin, then try launching the scanner again. Thanks for pointing this out.
[…] Test right away with the WordPress security check. […]
How about adding a link to the wp-scanner tool in the plugin description?
http://blogsecurity.net/wordpress/tools/wp-scanner/
Ciao!
Doctor, that is a great idea, we will look at this for the next release.
Am really glad that there is now a focus on Security. To an outsider, and a very new user of the WP Platform, it's an Excellent sign of Maturity.
Keep Up the Great Work!!!
I would be more than willing to donate some dollars every now and then to help with the update/further development of such a product.
Don
Hi,
wp-scanner is not able to pull the complete list of plugins out from my wordpress.
My website was hacked and I am almost sure it was because of a bad plugin.
Could you help? I didn't want to provide my website here … for obvious reasons.
@not working: if you contact us via the contact form we may be able to help you identify the hole.
Is the scan supposed to list all the plugins that are active? Because it only lists a few of my plugins.
[…] a most interesting plugin: the wp-scanner plugin lets you check the security of your install […]
Wow, you guys have done a killer job with this. This is exactly something I have been looking for lately.
Great work!
I don’t know if I’m retarded or what. Plugin is installed and activated. No go. So I manually edited my theme’s index.php file trying each of the variations I found here , and . Mostly it just says blog not authorized, but I did get a couple server timeouts. Any ideas?
Same as Tyger mostly. Except nothing happens. Unless you count the code showing as is in the body of the page. Using WP 231.
I might add that the WP Upgrade Preflight Check plugin shows wp_scanner to have no problems.
It would be nice if wp_scanner would show up in the menu bar under options or something…
All the plugin does is add the into the index page. wp-scanner will check the index page for this comment.
We have had some cases where the plugin only adds the html comment into single posts. Hopefully, giving you insight into how it works will help you get on the right foot.
Hi guys. I have experienced the same problem as Tyger and Pif. After I have deleted the cached pages from wp-cache everything was fine with me.
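The failure modes reported in this thread (marker absent from the index page, marker printed as visible text, a stale cached copy, marker present only on single posts) can be checked on saved copies of your own pages before launching the scan. This is an added example, not the plugin's or BlogSecurity's code; the marker text `wp-scanner`, the function names, the cache footer comment and the sample pages are assumptions.

```python
import re
from html.parser import HTMLParser

MARKER = "wp-scanner"  # assumed marker text, taken from the comment the post names
# Marker that reached the browser as text: escaped, malformed or texturized
LEAKED = re.compile(r"<[^\w<>]{0,5}" + re.escape(MARKER) + r"[^\w<>]{0,5}>")


class _Collector(HTMLParser):
    """Collect HTML comments and visible text separately."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.comments, self.text = [], []

    def handle_comment(self, data):
        self.comments.append(data.strip())

    def handle_data(self, data):
        self.text.append(data)


def diagnose(html):
    """Classify one page: ok, visible-text, cached-without-marker or missing."""
    c = _Collector()
    c.feed(html)
    c.close()
    if MARKER in c.comments:
        return "ok"
    if LEAKED.search("".join(c.text)):
        return "visible-text"  # the code shows up in the page body
    if any("cache" in x.lower() for x in c.comments):
        return "cached-without-marker"  # likely a copy cached before activation
    return "missing"


def check_site(index_html, single_html):
    """Compare the index page with a single post, as the thread describes."""
    index, single = diagnose(index_html), diagnose(single_html)
    if index != "ok" and single == "ok":
        return "marker-only-on-single-posts"
    return index


# Constructed sample pages (not captured from any real blog)
GOOD = "<html><body><h1>Blog</h1><!-- wp-scanner --></body></html>"
# The cache footer comment text below is an assumption
STALE = "<html><body><h1>Blog</h1></body></html><!-- Cached page served by WP-Cache -->"
LEAKY = "<html><body><p>&lt;!-- wp-scanner --&gt;</p></body></html>"
BARE = "<html><body><h1>Blog</h1></body></html>"
```

A `cached-without-marker` result matches the reports above where clearing the cached pages fixed the scan.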
[…] knowing the vulnerabilities on your own wordpress blog . I’ve found something interesting here , called wp-scanner . It works this simple […]
[…] the wp-scanner activator plugin. For more information about installation, click here; here you can also run this program. From […]
I confirm Tyger/Pif/Guro’s problems. Deleting the cache helped. This occurred _only_ after upgrade to 2.5.1… now it works…
I don’t have this plugin and I get the same Tyger/Pif/Guro’s problem. Also using 2.5.1
Nevermind, I’m blocking by IP address, forgot about that :-)