Title: Plugin Security Scanner
Author: Glen Scott
Published: <strong>2015年4月13日</strong>
Last modified: 2019年8月19日

---

プラグインを検索

このプラグインは **WordPress の最新3回のメジャーリリースに対してテストされていま
せん**。もうメンテナンスやサポートがされていないかもしれず、最新バージョンの WordPress
で使用した場合は互換性の問題が発生する可能性があります。

![](https://ps.w.org/plugin-security-scanner/assets/icon-256x256.png?rev=1133757)

# Plugin Security Scanner

 作者: [Glen Scott](https://profiles.wordpress.org/glen_scott/)

[ダウンロード](https://downloads.wordpress.org/plugin/plugin-security-scanner.2.0.2.zip)

 * [詳細](https://ja.wordpress.org/plugins/plugin-security-scanner/#description)
 * [レビュー](https://ja.wordpress.org/plugins/plugin-security-scanner/#reviews)
 * [開発](https://ja.wordpress.org/plugins/plugin-security-scanner/#developers)

 [サポート](https://wordpress.org/support/plugin/plugin-security-scanner/)

## 説明

This plugin determines whether any of your plugins or themes have security vulnerabilities.
It does this by looking up details in the WPScan Vulnerability Database.

It will run a scan once a day, and e-mail the administrator if any vulnerable plugins
or themes are found.

_Please note:_ As from version 2.0.0, you will need to [register on the WPScan Vulnerability Database](https://wpvulndb.com/users/sign_up)
site in order to get an API token. This token is required before any security scans
can be performed. Once you have your token, it can be added to the Plugin Security
Scanner settings page.

You can also register a webhook for notifications. The webhook will trigger daily,
even if no vulnerabilities found. The webhook is a post request, with JSON payload
containing the vulnerabilities.

You can enable the webhook under Settings\General tab – see the Plugin Security 
Scanner settings.

It also adds a new menu option to the admin tools menu called “Plugin Security Scanner”.
Clicking this runs a scan. If the scan finds any problems, it shows you a list of
plugins or themes that have vulnerabilities, along with a description of the issue.

The WPScan Vulnerability Database API, which this plugin uses, is free for non-commercial
use. However, any commercial usage will require that you purchase a commercial license
from WPScan. If you are using the API for your own site then you will not need a
commercial license. However, if you are a hosting company and install the plugin
systematically across all of your clients sites, then you will need to purchase 
a commercial license. If you are making heavy use of the API, it is likely that 
you will need to purchase a commercial license. To enquire about a commercial license,
please contact team@wpvulndb.com

Icons made by [Alessio Atzeni](http://www.flaticon.com/authors/alessio-atzeni) from
[www.flaticon.com](http://www.flaticon.com) is licensed by [CC BY 3.0](http://creativecommons.org/licenses/by/3.0/)

## スクリーンショット

 * [[
 * Example run of the security scanner that has found two vulnerable plugins.
 * [[
 * E-mail alert to administrator when vulnerable plugins have been found.

## 評価

![](https://secure.gravatar.com/avatar/7c50ba4af2e2c4a5374c41982b29ac76bac406970a53cf4892db4d1d57f9b1f6?
s=60&d=retro&r=g)

### 󠀁[Great plugin!](https://wordpress.org/support/topic/great-plugin-9160/)󠁿

 [Julie](https://profiles.wordpress.org/habannah/) 2016年9月3日

Peace of mind! Excellent support from the plugin author Proactive maintenance of
the WPScan Vulnerability Database

![](https://secure.gravatar.com/avatar/02ce3fbd1d03b09d4cbe862e253c16dbf9dc0214d84118304aae30083e22bb68?
s=60&d=retro&r=g)

### 󠀁[Fonctionne bien, mais ses messages manque de détails](https://wordpress.org/support/topic/fonctionne-bien-mais-ses-messages-manque-de-details/)󠁿

 [Sabine](https://profiles.wordpress.org/lisettemag/) 2016年9月3日 1 reply

Fonctionne très bien, mais j’abuse en espérant une petite amélioration essentielle…
Quand j’ai installé le plugin Zopim Live Chat la semaine dernière, il m’a adressé
dans les 24h un message : —— Vulnerability found: zopim-live-chat <= 1.2.5 – XSS
in ZeroClipboard Scan completed: 1 vulnerability found. —– Un peu court pour savoir
ce qu’il en retourne vraiment, mais le boulot de base est fait. Je suis alertée 
et le support de Zopim aussi. Maintenant, reste à trouver la faille… Plus de détails
seraient le bienvenu surtout quand on doit transmettre à un support.

![](https://secure.gravatar.com/avatar/f94cb8e7107d3093e864f4c0fdc33500e2a418c157d28788d47736f2cb2e37b5?
s=60&d=retro&r=g)

### 󠀁[Could also check WP version](https://wordpress.org/support/topic/could-also-check-wp-version/)󠁿

 [Edir Pedro](https://profiles.wordpress.org/edir/) 2016年9月3日

Slow to check because the API service works only one plugin at a time, but good 
enough. Could show the vulnerabilities found direct on Plugins page.

 [ 7件のレビューをすべて表示 ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/)

## 貢献者と開発者

Plugin Security Scanner はオープンソースソフトウェアです。以下の人々がこのプラグ
インに貢献しています。

貢献者

 *   [ Glen Scott ](https://profiles.wordpress.org/glen_scott/)

[“Plugin Security Scanner” をあなたの言語に翻訳しましょう。](https://translate.wordpress.org/projects/wp-plugins/plugin-security-scanner)

### 開発に興味がありますか ?

[コードを閲覧](https://plugins.trac.wordpress.org/browser/plugin-security-scanner/)
するか、[SVN リポジトリ](https://plugins.svn.wordpress.org/plugin-security-scanner/)
をチェックするか、[開発ログ](https://plugins.trac.wordpress.org/log/plugin-security-scanner/)
を [RSS](https://plugins.trac.wordpress.org/log/plugin-security-scanner/?limit=100&mode=stop_on_copy&format=rss)
で購読してみてください。

## 変更履歴

#### 2.0.2

 * Clarified 403 error

#### 2.0.1

 * Clarified error message in daily email

#### 2.0.0

 * Use WPScan Vulnerability Database API V3
 * Important notice: to use this plugin, you now need to register a user and get
   an API token from https://wpvulndb.com/users/sign_up
 * Improved error handling

#### 1.6.0

 * Moved settings to dedicated page
 * Added option to ignore unpatched issues

#### 1.5.2

 * Fix: Allow scanning if you are running WordPress nightly or release candidates

#### 1.5.1

 * Added option to ignore ‘WordPress 2.3-4.8.3 – Host Header Injection in Password
   Reset’ vulnerability

#### 1.5.0

 * Checks vulnerabilities in WordPress core files
 * Added ability to send an HTTP request when vulnerabilities are found (webhook)

#### 1.4.1

 * Fix issue with theme version checking

#### 1.4

 * Themes as well as plugins are now scanned for vulnerabilities

#### 1.3.1

 * Added check to make sure the WPVulnDb API has returned a valid response

#### 1.3

 * Added option under “Settings / General / Plugin Security Scanner” to disable 
   the email notification

#### 1.2.1

 * Moved to WPScan Vulnerability Database API v2

#### 1.2.0

 * Added i18n support

#### 1.1.9

 * Fix: Removed unecessary ob_flush calls
 * Fix: If vulnerability does not have a “fixed in” version number, report it as
   a vulnerability

#### 1.1.8

 * Fix: corrected links to WPScan Vulnerability Database

#### 1.1.7

 * Add link to WPScan Vulnerability Database details page

#### 1.1.6

 * Conditionally include plugin.php include in case it is not already included

#### 1.1.5

 * Escape output in HTML report to prevent XSS

#### 1.1.4

 * Added blog title to email subject

#### 1.1.3

 * Fixed bug that prevented admin email being sent

#### 1.1

 * Email admin daily if any vulnerabilities are found

#### 1.0

 * プラグインをリリース

## メタ

 *  バージョン **2.0.2**
 *  最終更新日 **7年前**
 *  有効インストール数 **800+**
 *  検証済み最新バージョン: **5.2.24**
 *  言語
 * [English (US)](https://wordpress.org/plugins/plugin-security-scanner/)
 * タグ
 * [plugins](https://ja.wordpress.org/plugins/tags/plugins/)[scanner](https://ja.wordpress.org/plugins/tags/scanner/)
   [secure](https://ja.wordpress.org/plugins/tags/secure/)[security](https://ja.wordpress.org/plugins/tags/security/)
   [vulnerabilities](https://ja.wordpress.org/plugins/tags/vulnerabilities/)
 *  [詳細を表示](https://ja.wordpress.org/plugins/plugin-security-scanner/advanced/)

## 評価

 5つ星中4.9つ星

 *  [  6 5-星レビュー     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=5)
 *  [  1 4-星レビュー     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=4)
 *  [  0 3-星レビュー     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=3)
 *  [  0 2-星レビュー     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=2)
 *  [  0 1-星レビュー     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/#new-post)

[すべてのレビューを見る](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/)

## 貢献者

 *   [ Glen Scott ](https://profiles.wordpress.org/glen_scott/)

## サポート

意見や質問がありますか ?

 [サポートフォーラムを表示](https://wordpress.org/support/plugin/plugin-security-scanner/)