security

70 indexed plugins

Plugins

Active Installs

26m+

Average Score

Audited

Best Scored

Rank	Plugin	Score	Errors	Warnings	Installs	Updated	Top Issue
#1	Protect Uploads password protection protection security	99	2	1	40k+	2026-06-11	missing direct file access protection
#2	Stop User Enumeration fail2ban security user enumeration	99	1	1	50k+	2025-12-15	Dynamic Hookname Found
#3	Safe SVG SVG Vector media	98	7	4	1m+	2026-04-14	Missing Arg Domain
#4	WPVulnerability security site health vulnerability	96		4	10k+	2026-06-02	trademarked term
#5	Stop Spammers Classic anti-spam no spam security	94	185	1	30k+	2026-05-24	wp function not compatible with requires wp
#6	Sucuri Security – Auditing, Malware Scanner and Security Hardening firewall malware scan	94	52	5	600k+	2026-06-03	missing direct file access protection
#7	XO Security Brute Force login maintenance	94	5	3	30k+	2026-04-12	wp function not compatible with requires wp
#8	Restricted Site Access limited permissions privacy	91	14	11	10k+	2026-05-11	Missing Arg Domain
#9	Password Strength Settings for WooCommerce accounts passwords security	89	17	6	10k+	2023-10-11	Missing Arg Domain
#10	AntiSpam for Contact Form 7 GeoIP antispam honeypot	86	14	8	10k+	2026-04-21	Text Domain Mismatch
#11	WP Ghost (Hide My WP Ghost) – Security & Firewall Brute Force firewall hide my wp	85	6	373	100k+	2026-06-02	Non Prefixed Variable Found
#12	Hostinger Tools hostinger https maintenance	81	14	22	3m+	2026-06-16	wp function not compatible with requires wp
#13	OpenID Connect Generic Client apps login oauth2	73	9	59	10k+	2026-02-13	Non Prefixed Hookname Found
#14	Simple Login Captcha captcha login security	70	20	19	10k+	2026-05-26	date date
#15	Inactive Logout concurrent login limit idle logout logout	64	30	71	10k+	2026-06-04	Non Prefixed Variable Found
#16	TrustedSite security social proof trust badge	50	29	14	20k+	2025-08-26	Output Not Escaped
#17	LWS Hide Login LWS security	45	5	58	20k+	2026-06-15	Missing Unslash
#18	BBQ Firewall – Fast & Powerful Firewall Security bots firewall secure	44	17	17	100k+	2026-04-19	Output Not Escaped
#19	User Role Editor access editor role	43	117	145	700k+	2026-05-21	Output Not Escaped
#20	Login No Captcha reCAPTCHA bots google nocaptcha	42	45	24	60k+	2026-05-26	Unsafe Printing Function
#21	Two Factor 2FA MFA authentication	42	18	70	100k+	2026-03-27	Recommended
#22	Google Authenticator authentication login otp	41	39	65	20k+	2026-04-07	Output Not Escaped
#23	Lockdown WP Admin WebSite Security lockdown secure	41	20	50	10k+	2017-11-28	Missing Unslash
#24	Limit Login Attempts authentication login security	40	81	38	300k+	2023-04-04	Output Not Escaped
#25	Blackhole for Bad Bots anti-spam blackhole bots	39	123	69	30k+	2026-04-21	Output Not Escaped
#26	WPS Limit Login WPS Limit Login authentication limit login	39	152	76	100k+	2025-06-24	Output Not Escaped
#27	Activity Log – Monitor & Record User Changes Activity Log audit log email log	38	81	149	200k+	2026-06-07	Recommended
#28	MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites backups monitoring security	38	3	136	700k+	2026-06-16	Non Prefixed Hookname Found
#29	underConstruction construction preview private	36	98	60	40k+	2024-03-08	Unsafe Printing Function
#30	Security Optimizer – The All-In-One Protection Plugin firewall login malware scanner	35	40	82	1m+	2026-05-15	Missing Unslash
#31	WPFront User Role Editor User Access capability manager role editor	35	333	578	30k+	2026-05-20	Output Not Escaped
#32	Zero Spam for WordPress firewall protection security	34	79	393	20k+	2026-03-16	Non Prefixed Variable Found
#33	Companion Auto Update auto control safety	33	159	298	50k+	2026-03-21	Direct Query
#34	Admin Menu Editor admin dashboard menu	32	159	233	300k+	2026-05-17	Non Prefixed Variable Found
#35	Advanced Access Manager – Access Governance for WordPress access governance api security restricted content	32	849	62	100k+	2026-05-25	Output Not Escaped
#36	WP fail2ban – Advanced Security Brute Force fail2ban login	32	75	153	60k+	2025-04-29	Dynamic Hookname Found
#37	Titan Anti-spam & Security – Brute Force Protection, 2FA & Spam Filter antispam brute force protection security	31	57	196	50k+	2026-05-19	Recommended
#38	My Private Site login privacy private site	31	425	190	20k+	2026-06-05	Text Domain Mismatch
#39	LWS Tools LWS admin optimisation	31	104	134	20k+	2026-06-15	Missing Unslash
#40	MainWP Dashboard: Self-hosted WordPress Management for Agencies backups manage multiple wordpress sites security	31	95	317	20k+	2026-06-02	Interpolated Not Prepared
#41	Jetpack Protect jetpack malware protect	30	657	217	100k+	2026-04-11	Text Domain Mismatch
#42	WPS Cleaner WPS Cleaner database nettoyage	30	430	491	20k+	2025-06-24	Output Not Escaped
#43	CloudSecure WP Security Brute Force WAF anti-spam	29	74	350	100k+	2026-05-21	Missing Unslash
#44	WP Hide & Security Enhancer 2FA headers hide	27	124	375	50k+	2026-06-08	Input Not Sanitized
#45	Kadence Central – Site Management, Backups, Security, and Reporting backup manage multiple websites manage updates	26	462	213	30k+	2026-06-11	Text Domain Mismatch
#46	Limit Login Attempts Security – Login Security, 2FA, Firewall, Brute Force Prevention 2FA Brute Force firewall	25	621	602	1m+	2026-06-16	Unsafe Printing Function
#47	Loginizer Loginizer access admin	25	814	504	1m+	2026-05-08	Output Not Escaped
#48	Nexter Extension – Security, Performance, Code Snippets & Site Toolkit code snippet elementor image optimizer	25	198	710	10k+	2026-06-16	Recommended
#49	Simply Static – The Static Site Generator jamstack performance security	25	163	446	30k+	2026-06-19	Non Prefixed Hookname Found
#50	Wordfence Login Security 2FA captcha login security	25	248	418	70k+	2026-04-29	Output Not Escaped