SZ

szepeviktor/plugin-vulnerability

Checks active plugins against Wordfence Intelligence V3 vulnerability feed

plugin vulnerability wordfence wp-cli wp-cli-command wp-cli-package

Plugin vulnerability command

WP-CLI command to check active WordPress plugins against the Wordfence Intelligence V3 vulnerability feed.

Requirements

WP-CLI
WordPress site context
WORDFENCE_API_KEY environment variable

Installation

wp package install https://github.com/szepeviktor/plugin-vulnerability.git

Usage

WORDFENCE_API_KEY="<your Wordfence v3 API key>" wp plugin vuln

Register a free account: https://www.wordfence.com/sign-in/?action=register

Notes

The command checks active plugins only.
It fails fast on feed/schema mismatches and unmatched active plugin slugs.

On this page

Languages

PHP100.0%

Contributors

Latest Release

v1.0.0February 22, 2026

Created February 22, 2026

Updated February 22, 2026