Best Security WordPress Plugins

137 indexed plugins

Plugins

137

Active Installs

27m+

Average Score

Audited

122

Best Scored

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	Login Security Captcha	100		0	10k+	22 days ago	No open findings
#2	Stop XML-RPC Attacks	100		1	6k+	29 days ago	Non Prefixed Class Found
#3	BotBlocker Security – Firewall & Bot Protection	99		5	3k+	4 days ago	Non Prefixed Constant Found
#4	Protect Uploads	99	2	1	40k+	10 days ago	missing direct file access protection
#5	Stop User Enumeration	99	1	1	50k+	6 months ago	Dynamic Hookname Found
#6	WPMasterToolKit (WPMTK) – All in one plugin	99	1	4	4k+	2 months ago	trademarked term
#7	Manage XML-RPC	98	3	1	6k+	2 years ago	file system operations is writable
#8	Prevent XSS Vulnerability	98	10	1	6k+	11 months ago	Missing Arg Domain
#9	Safe SVG	98	7	4	1m+	2 months ago	Missing Arg Domain
#10	WP Author Slug	96	16	6	2k+	24 days ago	Text Domain Mismatch
#11	WPVulnerability	96		4	10k+	19 days ago	trademarked term
#12	MilesWeb Tools	95	4	49	10k+	11 months ago	Non Prefixed Variable Found
#13	Malcure Malware Shield — Removal, Repair, Monitor	95	75	6	10k+	22 days ago	wp function not compatible with requires wp
#14	Stop Spammers Classic	94	185	1	30k+	28 days ago	wp function not compatible with requires wp
#15	Sucuri Security – Auditing, Malware Scanner and Security Hardening	94	52	5	600k+	18 days ago	missing direct file access protection
#16	XO Security	94	5	3	30k+	2 months ago	wp function not compatible with requires wp
#17	Restricted Site Access	91	14	11	10k+	1 month ago	Missing Arg Domain
#18	Password Strength Settings for WooCommerce	89	17	6	10k+	3 years ago	Missing Arg Domain
#19	WP Admin Basic Auth	87	5	6	2k+	13 years ago	Input Not Sanitized
#20	AntiSpam for Contact Form 7	86	14	8	10k+	2 months ago	Text Domain Mismatch
#21	WP Ghost (Hide My WP Ghost) – Security & Firewall	85	6	373	100k+	19 days ago	Non Prefixed Variable Found
#22	HSTS Ready	85	3	11	3k+	1 month ago	Input Not Validated
#23	Salt Shaker	85	15	13	6k+	7 months ago	Interpolated Not Prepared
#24	Simple Automatic Updates	85	18	1	2k+	7 years ago	Missing Translators Comment
#25	WP Fail2Ban Redux	82	1	10	7k+	1 year ago	trademarked term
#26	Hostinger Tools	81	14	22	3m+	5 days ago	wp function not compatible with requires wp
#27	Smart Passworded Pages	80	11	8	2k+	9 years ago	wp function not compatible with requires wp
#28	Melapress File Monitor	80	16	90	6k+	1 month ago	Non Prefixed Variable Found
#29	OpenID Connect Generic Client	73	9	59	10k+	4 months ago	Non Prefixed Hookname Found
#30	Simple Login Captcha	70	20	19	10k+	26 days ago	date date
#31	Simple Login Lockdown	69	13	6	4k+	9 years ago	Output Not Escaped
#32	Content Security Policy Manager	68	19	2	2k+	4 years ago	Output Not Escaped
#33	Protection Against DDoS	68	22	5	3k+	6 years ago	Output Not Escaped
#34	Forget Spam Comment	67	5	10	9k+	1 year ago	Input Not Sanitized
#35	WP Anti-Clickjack	66	4	42	4k+	5 months ago	Recommended
#36	Inactive Logout	64	30	71	10k+	17 days ago	Non Prefixed Variable Found
#37	Meta Generator and Version Info Remover	52	20	28	10k+	9 months ago	Non Prefixed Function Found
#38	TrustedSite	50	29	14	20k+	10 months ago	Output Not Escaped
#39	LWS Hide Login	45	5	58	20k+	6 days ago	Missing Unslash
#40	BBQ Firewall – Fast & Powerful Firewall Security	44	17	17	100k+	2 months ago	Output Not Escaped
#41	User Role Editor	43	117	145	700k+	1 month ago	Output Not Escaped
#42	Lock Down Admin	42	30	20	3k+	7 years ago	Unsafe Printing Function
#43	Login No Captcha reCAPTCHA	42	45	24	60k+	26 days ago	Unsafe Printing Function
#44	Two Factor	42	18	70	100k+	3 months ago	Recommended
#45	WP Fingerprint	42	34	47	9k+	10 months ago	Direct Query
#46	Google Authenticator	41	39	65	20k+	3 months ago	Output Not Escaped
#47	Lockdown WP Admin	41	20	50	10k+	9 years ago	Missing Unslash
#48	Log cleaner for Solid Security	41	65	47	8k+	2 years ago	Text Domain Mismatch
#49	Advanced Country Blocker	40	23	77	2k+	5 months ago	Exception Not Escaped
#50	Limit Login Attempts	40	81	38	300k+	3 years ago	Output Not Escaped