Releases: Web3-Serializer/WP-Audit
Releases · Web3-Serializer/WP-Audit
Release list
Release V1.0
WP-Audit v1.0 Release Notes
🛡️ Version 1.0 – Initial Public Release
Release Date: 2025-11-27
✨ Features
- AI-Powered audit reports for WordPress sites
- HTML and Markdown report generation
- Fully modular architecture with priority-based modules
- Automatic CVE and exploit detection
- Full TLS request support
- Proxy support for scanning through HTTP(S) proxies
- Password brute-forcing (authorized use only)
- Easy to use CLI with multiple options
- Threaded scanning for faster results
🔧 Modules Included
- WP Admin – Detect wp-admin, login, register, and XML-RPC endpoints
- Backup Files Scanner – Scan for exposed backup files
- WP Brute Force – Credential brute-force module (authorized use only)
- WP Fuzzer – Fuzz WordPress endpoints and parameters
- Exposed GIT Scanner – Detect public .git directories
- Directory Listing Scanner – Check for directory listing enabled
- WP Plugins – Enumerate installed plugins
- Exposed SVN Scanner – Detect public .svn directories
- WP Themes – Enumerate WordPress themes
- WP Users – Enumerate WordPress users
- WP Versions – Multi-method WordPress version detection
- WP Vulnerabilities – Check core, plugins, and themes for known CVEs
- WP-Audit is an offensive security tool intended only for authorized testing and research. Do not scan targets without explicit permission.
Full Changelog: https://github.com/Web3-Serializer/WP-Audit/commits/Main