Name: VulnTitan – Malware Scanner, Vulnerability Scanner & Security
Rating: 5 (1 reviews)

ವಿವರಣೆ

VulnTitan is a WordPress security plugin focused on malware scanning and removal, vulnerability detection, file integrity monitoring, firewall protection, and anti-spam controls for comments and supported forms.

Instantly scan your WordPress site for malware infections and known vulnerabilities, review detailed results, and clean or remove malware safely using a guided fix workflow with automatic backups.

VulnTitan focuses on practical protection: vulnerability detection, malware scanning and removal, file integrity monitoring, firewall protection, anti-spam defense for comments and supported forms, hidden custom login access, and a weekly executive security digest every 7 days.

Malware Scanner

The WordPress malware scanner inspects your site files for suspicious code patterns and known malicious signatures.

Detect malware infections in core, plugins, and themes
Review problematic files with contextual code preview
Safe-fix workflow with automatic backups
Clear severity indicators and actionable recommendations

Vulnerability Scanner

The vulnerability scanner checks your installed WordPress core, plugins, and themes against a real-time vulnerability database powered by the VulnTitan API.

Detect vulnerable plugins and themes
Identify outdated components with known security risks
Real-time vulnerability intelligence
Clear risk explanations and remediation guidance

File Integrity Scanner

Monitor unauthorized file changes and unexpected modifications.

Baseline comparison for WordPress files
Queue-based processing for performance safety
Visual status legends for fast review
Actionable next steps for suspicious changes

Firewall, Login, Comment & Form Protection

VulnTitan includes firewall, WAF, login protection, and anti-spam controls to block common attack patterns and protect WordPress login, comment, and supported form submission surfaces.

Early MU-plugin runtime request guards
SQL injection (SQLi) payload protection
Command injection detection
Suspicious path traversal blocking
Endpoint whitelisting controls
Login lockout protection against brute-force attacks
TOTP-based two-factor authentication for selected roles
Recovery codes and trusted-device support for enrolled accounts
CAPTCHA protection for login, registration, lost-password, and optional comment forms
XML-RPC allow, disable, or rate-limit policy controls with IP allowlisting
Weak-password blocking during profile updates, password resets, and compatible registrations
Comment Shield with honeypot, submit-time validation, duplicate detection, guest link limits, and IP rate limiting
Form Shield for Contact Form 7 and Fluent Forms with honeypot, signed submit tokens, link heuristics, repeated-domain detection, and IP rate limiting
Form spam blocks are logged into the WAF/live feed with provider-aware source labels for easier review
Suspicious comments can be held for moderation or blocked immediately
Configurable custom login slug so administrators can use a private login URL instead of the default wp-login.php
Default wp-login.php and guest wp-admin access can be hidden behind a 404 response when custom login is enabled
Weekly executive security report email with 7-day firewall, login abuse, WAF, and comment spam statistics

Security-First Architecture

Secure storage and cleanup of scan queues and logs
Hardened backup handling outside ABSPATH by default
Adaptive performance tuning for safe large-site scanning

WP-CLI Support

VulnTitan supports WP-CLI commands for malware, integrity, and vulnerability scans so administrators can run checks from the terminal, scripts, or server automation.

wp vulntitan scan malware
wp vulntitan scan integrity
wp vulntitan scan vulnerability
wp vulntitan scan all
Optional flags: --scope=plugins, --format=json, --fail-on-findings

External services

This plugin connects to an external API at https://vulntitan.com/api/vulnerabilities to fetch up-to-date vulnerability data for WordPress core, plugins, and themes. This data is essential for detecting known vulnerabilities during scan operations.

When a vulnerability scan is performed, the following data is sent to the VulnTitan API:
– The slug and version of each plugin
– The slug and version of each theme
– The WordPress core version

This data is transmitted only during scans initiated by the user or by scheduled scan settings. No personal, user-identifying, or sensitive site data is collected, transmitted, or stored.

The external service is provided and operated by VulnTitan.com.

Screenshots

WordPress malware and vulnerability scan dashboard overview.
Malware detection results with safe-fix workflow and backup protection.
Vulnerability scanner results showing vulnerable plugins and themes.
File integrity scan results with baseline comparison.
Firewall and WAF protection settings panel.
Vulnerability scan progress bar.
Firewall hidden custom login configuration and protected access screen.

Installation

From your WordPress dashboard

Navigate to Plugins > Add New
Click Upload Plugin
Upload the downloaded ZIP file
Click Install Now, then Activate

From FTP or File Manager

Upload the extracted vulntitan folder to the /wp-content/plugins/ directory
Go to your WordPress dashboard
Navigate to Plugins > Installed Plugins
Find VulnTitan and click Activate

Once activated

Go to VulnTitan in your admin menu
Click Scan Now to run a malware and vulnerability scan
Review detected vulnerabilities, malware infections, and file integrity issues
Apply guided safe fixes where needed

FAQ

Who owns the VulnTitan API?

The VulnTitan API is developed, owned, and maintained by the same team behind this plugin. It is not a third-party service. The API is operated solely to provide accurate and real-time vulnerability intelligence for WordPress sites.

What data does the plugin send to the API?

The plugin sends only non-personal technical information such as plugin slugs, theme slugs, and WordPress core version numbers. No personal data, login credentials, email addresses, or sensitive information is transmitted or stored.

Why is the API connection required?

The API provides up-to-date vulnerability data needed to detect known security issues affecting WordPress core, plugins, and themes. Without this connection, vulnerability detection would not function correctly.

Does VulnTitan remove malware?

Yes. When malware is detected, VulnTitan provides a guided safe-fix workflow with backup protection so you can review and safely remove infected files.

Does VulnTitan support WP-CLI?

Yes. VulnTitan includes WP-CLI commands for malware, integrity, vulnerability, and combined scans.

Examples:

wp vulntitan scan malware
wp vulntitan scan integrity
wp vulntitan scan vulnerability
wp vulntitan scan all
wp vulntitan scan malware --scope=plugins
wp vulntitan scan all --format=json
wp vulntitan scan vulnerability --fail-on-findings

My site is behind a proxy or CDN. How do I configure IP detection?

If you use Cloudflare, enable “Trust Cloudflare” in VulnTitan > Firewall > Access Shield > Proxy & CDN. For other reverse proxies or load balancers, add their IP addresses to “Trusted Proxy IPs”. If your site is not behind a proxy or CDN, leave these settings disabled to avoid spoofed IP addresses in logs and lockouts.

Does VulnTitan protect contact forms from spam?

Yes. VulnTitan currently supports spam protection for Contact Form 7 and Fluent Forms, alongside native WordPress comment anti-spam controls.

‍ವಿಮರ್ಶೆಗಳು‍

componentz ಮೇ 17, 2025

I’ve been using VulnTitan for a few weeks now and I’m genuinely impressed. The plugin is fast, lightweight, and managed to detect vulnerabilities I had completely overlooked in some of my plugins. I especially like the file integrity and malware scanning features – they provide great peace of mind. The interface is clean and easy to use, and the reports are clear and helpful.Highly recommended for anyone serious about securing their WordPress site!

Read all 1 review

Contributors & Developers

“VulnTitan – Malware Scanner, Vulnerability Scanner & Security” is open source software. The following people have contributed to this plugin.

Jaroslav Svetlik

Translate “VulnTitan – Malware Scanner, Vulnerability Scanner & Security” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

v2.1.16 – 25 Mar, 2026

Tightened Comment Shield spam detection with casino, betting, gambling, promotional-link, repeated-domain, and thin-link comment heuristics for guest comments.
Added firewall logging when suspicious comments are held and when WordPress routes comments into the pending moderation queue.
Expanded the weekly executive security digest with form spam, comment queue, and broader protection-profile coverage.
Improved the HTML digest layout on mobile by stacking compressed two-column sections into a readable single-column flow.

v2.1.15 – 18 Mar, 2026

Added “Not installed” provider messaging in Spam Protection and disabled unavailable form provider toggles until Contact Form 7 or Fluent Forms is activated.

v2.1.14 – 18 Mar, 2026

Fixed the Firewall settings save flow after the Spam Protection UI refactor by removing stale legacy comment-field JavaScript references.

v2.1.13 – 18 Mar, 2026

Added form anti-spam protection for Contact Form 7 and Fluent Forms with honeypot, signed submit tokens, link heuristics, repeated-domain detection, and rate limiting.
Added a dedicated Spam Protection UI with separate Comments and Forms controls plus provider toggles.
Logged supported form spam blocks into the WAF/live feed with provider-aware source labels and separated form blocks from general WAF blocks in the live feed.

v2.1.12 – 16 Mar, 2026

Added vulnerability detail fields: fixed version, affected versions, CVSS score/vector, published date, and exploit status.
Added risk score (severity + exposure) badges in vulnerability findings.
Added risk decisions (“Accept risk” / “Ignore”) with expiry and audit log entries.
Persisted risk decisions in a dedicated table and return decisions in scan results.
Added robust formatting for affected version ranges, including Wordfence-style range objects.
Mapped API fields (patched_versions, published, etc.) to UI-friendly names.
Added inline update/deactivate actions that run without leaving the scan view.
Added post-update rescan to refresh vulnerability cards in place.
Refreshed update transients before building scan items so update actions appear consistently.

v2.1.11 – 16 Mar, 2026

Normalized slug handling for single-file plugins and edge cases to improve scan accuracy.
Continued scans when individual items fail instead of aborting the entire run.
Added timeout/backoff handling with clear 429/503 messaging for vulnerability data requests.
Added short server-side cache per (type, slug, version) and surfaced “data age” in the overview.
Added filters and sorting for severity, component type, active status, and fix availability.
Added direct actions for “Update now”, “Deactivate”, and “Open plugin page”.
Added “Last scan at”, “Errors count”, and “Data age” to the scan overview.
Improved scan flow with “Retry failed”, “Stop scan”, and smart auto-scroll.
Styled scan output filter dropdowns to match the dashboard theme and remove white backgrounds.

v2.1.10 – 16 Mar, 2026

Added Learning Mode suggestions for WAF whitelisting, with configurable thresholds and review-only approvals.
Added a Learning Suggestions panel and actions to approve or dismiss suggested patterns.
Fixed a PHP 8.4 deprecation warning by making trusted proxy settings nullable explicitly.

v2.1.9 – 16 Mar, 2026

Added Proxy/CDN configuration in Firewall settings, including Trust Cloudflare and trusted proxy IPs.
Added in-dashboard warnings when proxy headers are detected but trust is not configured.
Updated IP detection to trust forwarded headers only for configured proxies.
Restricted malware, integrity, and vulnerability scan actions to administrators only.
Hardened integrity scan file handling to prevent unsafe path traversal.

v2.1.8 – 16 Mar, 2026

Fixed PHP 7.4 compatibility by replacing PHP 8-only syntax in scanner, CAPTCHA, and login-security flows.

v2.1.7 – 16 Mar, 2026

Added an approvals workflow for WAF-blocked admin-ajax and REST requests, including targeted whitelist patterns and approve/dismiss actions.
Added admin alerts and a menu badge for pending approvals, with direct links to the Approvals tab.
Moved the Clear Logs action into the Live Security Feed toolbar.

v2.1.6 – 15 Mar, 2026

Added scan progress status notes that highlight the current component or file during Malware, Vulnerability, and Integrity scans.

v2.1.5 – 15 Mar, 2026

Added role-based 2FA enforcement so selected roles must enroll before using the admin dashboard, with a direct setup shortcut.
Moved the live Firewall security feed into its own submenu and replaced pagination with a Load more flow.
Added quick actions to unblock or allowlist locked-out IPs from the Firewall feed.

v2.1.4 – 14 Mar, 2026

Added a Login Security Pack with TOTP-based 2FA, recovery codes, trusted devices, CAPTCHA form protection, XML-RPC policy controls, and weak-password blocking.
Reworked the 2FA setup UX into a clearer step-by-step profile flow with QR provisioning and inline activation feedback.
Fixed 2FA setup and challenge-screen issues so activation errors return to the verification step and the public login flow no longer depends on admin-only helpers.

v2.1.3 – 14 Mar, 2026

Added WP-CLI scan commands for malware, integrity, vulnerability, and combined scan execution.
Added readme documentation and FAQ examples for running VulnTitan scans from the terminal.

v2.1.2 – 14 Mar, 2026

Refined the Vulnerability scanner UI with a more professional overview and findings layout.
Moved the Vulnerability Overview panel outside the scrolling results area so it stays sticky as a separate summary block.
Improved clean-result messaging so results now explicitly reference the scanned plugin, theme, or WordPress core component.

v2.1.1 – 14 Mar, 2026

Added a live-updating Firewall security feed with auto-refresh, pause/resume controls, quick filters, search, and per-event forensic detail panels.
Expanded Firewall feed event data so administrators can inspect richer request, actor, and rule context directly in the admin UI.
Improved live refresh behavior so recent event polling no longer overwrites unsaved Firewall settings while the page is open.

v2.1.0 – 13 Mar, 2026

Added Comment Shield anti-spam protection for WordPress comments with honeypot, submit-time validation, duplicate detection, link controls, and IP rate limiting.
Added Firewall dashboard and weekly digest statistics for blocked or moderated comment spam activity.
Changed Firewall MU loader status to show WordPress-relative paths such as wp-content/mu-plugins/vulntitan-firewall.php instead of absolute server filesystem paths.

v2.0.8 – 13 Mar, 2026

Added a weekly executive security digest email with 7-day firewall telemetry, login abuse summaries, WAF detections, and top targeted paths/rules.
Added Firewall settings for enabling the weekly digest and overriding the recipient email address.
Upgraded the digest into a professional branded HTML email template with VulnTitan logo, metric cards, timeline, and protection profile summary.

v2.0.7 – 13 Mar, 2026

Fixed custom login logout requests on some Nginx-backed WordPress sites so hidden login logout no longer triggers 502 Bad Gateway responses.
Stabilized hidden login request bootstrapping and canonical custom login route handling for logout/login flows.

v2.0.6 – 12 Mar, 2026

Added configurable custom login slug support so administrators can use a private login URL instead of the default wp-login.php path.
Hidden direct guest access to default wp-login.php and wp-admin entry points when custom login protection is enabled.
Reworked the Firewall page with a tabbed settings layout, a wider recent events section, and toast-style action feedback.

v2.0.4 – 10 Mar, 2026

Redesigned the VulnTitan Dashboard into an elite, professional security command center layout.
Redesigned the Firewall page into a professional command center layout.
Removed the dashboard sidebar to keep the UI focused on scan operations.
Redesigned the top navigation bar to match the new elite dashboard and firewall style.
Fixed scan progress indicator layout in the redesigned dashboard.

v2.0.3 – 10 Mar, 2026

Reduced false positives for benign decode-only utilities (e.g., base64 + gzuncompress).
Reduced false positives for safe data:image/svg+xml;base64 payloads.
Disabled auto-fix for low-risk malware findings to prevent accidental code removal.

v2.0.2 – 10 Mar, 2026

Reduced malware scanner false positives for base64-decoded signature and key material.
Avoided false positives from benign data:image base64 CSS payloads embedded in PHP/JS strings.
Prevented false positives on large serialized option blobs without execution or file-write patterns.

v2.0.1 – 03 Mar, 2026

Fixed Vulnerability scanner UI so the “Vulnerability Overview” section stays pinned at the top while results are scrolled.
Reduced Malware scanner false positives for benign CSS content: strings and similar static string-literal matches.

v2.0.0 – 25 Feb, 2026

Major release with redesigned Malware, Vulnerability, and File Integrity scan UX.
Improved malware scanner with detailed problematic-files panel and guided safe-fix actions.
Enhanced vulnerability detection powered by updated API intelligence.
Improved file integrity scanner with clearer legends and performance tuning.
Added dedicated Firewall module with MU runtime guards and login lockout protection.
Added WAF payload protection for SQL injection and command injection.
Security hardening for backup storage and automated cleanup routines.

For full release history, see CHANGELOG.md included in the plugin package.