| #1 | Wordfence Security – Firewall, Malware Scan, and Login Security | 21 | 1,592 | 2,973 | 5m+ | | | Output is not escaped |
| #2 | Jetpack – WP Security, Backup, Speed, & Growth | 23 | 2,821 | 1,303 | 3m+ | | | Text Domain Mismatch |
| #3 | NinjaFirewall (WP Edition) – Advanced Security Plugin and Firewall | 22 | 1,265 | 2,065 | 100k+ | | | Non-prefixed global variable |
| #4 | SecuPress with Simple SSL – Simple and Performant Security | 23 | 1,696 | 1,590 | 40k+ | | | Non-prefixed global variable |
| #5 | Kadence Security – Password, Two Factor Authentication, and Brute Force Protection | 23 | 1,053 | 967 | 700k+ | | | Missing Translators Comment |
| #6 | Security Plugin, Firewall & Malware Scanner with Auto Removal | 24 | 1,192 | 770 | 30k+ | | | Output is not escaped |
| #7 | NinjaScanner – Virus & Malware scan | 22 | 596 | 551 | 30k+ | | | Non-prefixed global variable |
| #8 | Jetpack Protect | 30 | 657 | 217 | 100k+ | | | Text Domain Mismatch |
| #9 | Defender Security – Malware Scanner, Login Security & Firewall | 24 | 306 | 518 | 80k+ | | | Non-prefixed namespace |
| #10 | Security Ninja – WordPress Security & Firewall | 29 | 149 | 347 | 7k+ | | | Direct Query |
| #11 | Jetpack VaultPress | 28 | 71 | 362 | 10k+ | | | Missing nonce verification |
| #12 | DefendWP Firewall | 39 | 16 | 203 | 3k+ | | | Non-prefixed global variable |
| #13 | Sucuri Security – Auditing, Malware Scanner and Security Hardening | 94 | 52 | 5 | 600k+ | | | Missing direct file access protection |
| #14 | AntiVirus | 99 | 2 | 1 | 30k+ | | | Missing direct file access protection |
