Skip to main content


How secure is your WordPress website? Need Reassurance? We're offering a complimentary security scan

04 Aug 2022

image of a women sitting at desk by computer

Article written by Heidi McCullough

Imagine you're about to launch a new marketing campaign.

Everything is in place, and you're ready for the traffic to land on your company WordPress website.

Then, boom! – a security issue compromises your company's online presence.

Not a good impression for a first-time visitor, and a heck of a job to get it resolved internally.

A hacked WordPress site can cause serious damage to your business revenue and reputation.

Hackers can steal user information, passwords, install malicious software, and can even distribute malware to your users.

What’s more, new WordPress plugins, new users, and new themes can create website vulnerabilities that you might not even be aware of, so to prevent this from continuing, a security scan is important.

If your business website is built in WordPress – any version – we're here to help.

WordPress Security Audit

Zesty is offering businesses a complimentary WordPress security audit for the month of August. This scan highlights vulnerabilities in your site, and provides a report on now to rectify the issues.

Our scan examines your site in the same way most attackers do: It itemises details and checks them against its database of vulnerabilities and exploits. With this information, our team can more precisely address issues that might not be readily apparent.

As part of our ongoing client support and maintenance, we conduct these monthly scans for our existing clients to offer peace-of-mind and reassurance. We'd like to do the same for you

So, what does our security audit check for? It includes but is not limited to:

  • The version of WordPress installed and any associated vulnerabilities
  • What plugins are installed and any associated vulnerabilities
  • What themes are installed and any associated vulnerabilities
  • Username enumeration
  • Users with weak passwords via password brute forcing
  • Backed up and publicly accessible wp-config.php files
  • Database dumps that may be publicly accessible
  • If error logs are exposed by plugins
  • Media file enumeration
  • Vulnerable Timthumb files

Need help?

If you'd like reassurance that you're WordPress website is secure and robust, get in touch for a chat during August.

For things you can do to harden your WordPress Security click here.