Skip to content

Releases: Web3-Serializer/WP-Audit

Release list

Release V1.0

Choose a tag to compare

@Web3-Serializer Web3-Serializer released this 27 Nov 14:39
ec7ead7

WP-Audit v1.0 Release Notes

🛡️ Version 1.0 – Initial Public Release

Release Date: 2025-11-27

✨ Features

  • AI-Powered audit reports for WordPress sites
  • HTML and Markdown report generation
  • Fully modular architecture with priority-based modules
  • Automatic CVE and exploit detection
  • Full TLS request support
  • Proxy support for scanning through HTTP(S) proxies
  • Password brute-forcing (authorized use only)
  • Easy to use CLI with multiple options
  • Threaded scanning for faster results

🔧 Modules Included

  1. WP Admin – Detect wp-admin, login, register, and XML-RPC endpoints
  2. Backup Files Scanner – Scan for exposed backup files
  3. WP Brute Force – Credential brute-force module (authorized use only)
  4. WP Fuzzer – Fuzz WordPress endpoints and parameters
  5. Exposed GIT Scanner – Detect public .git directories
  6. Directory Listing Scanner – Check for directory listing enabled
  7. WP Plugins – Enumerate installed plugins
  8. Exposed SVN Scanner – Detect public .svn directories
  9. WP Themes – Enumerate WordPress themes
  10. WP Users – Enumerate WordPress users
  11. WP Versions – Multi-method WordPress version detection
  12. WP Vulnerabilities – Check core, plugins, and themes for known CVEs

⚠️ Disclaimer

  • WP-Audit is an offensive security tool intended only for authorized testing and research. Do not scan targets without explicit permission.

Full Changelog: https://github.com/Web3-Serializer/WP-Audit/commits/Main