Checking a WordPress for OWASP top 10 vulnerabilities

I have just made a WordPress plugin and I would like to scan it for OWASP Top 10 vulnerabilities. Are there any resources on how to get started here?

Thanks

Answers:


Method 1

Try https://hackertarget.com/vulnerability-scanner/. It has many other testing tools as well; some are free and others are paid.

Method 2

Check out WPScan. It’s normally used as a command-line scan tool, but there’s also a WordPress plugin, which can make your life easier.
They have a series of automated scripts that search your website for vulnerabilities and warn you if they find any. I just don’t know how well it works on plugins, but it’s great for overall site vulnerabilities.

It’s based on the WPScan WordPress Vulnerability Database.


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
