Skip to content
crosshair

GitHub Action

WordPress Vulnerability Scanner

1.0.1 Latest version

WordPress Vulnerability Scanner

crosshair

WordPress Vulnerability Scanner

A GitHub action that can be used to run vulnerability checks using the 10up WP-CLI Vulnerability Scanner

Installation

Copy and paste the following snippet into your .yml file.

              
- name: WordPress Vulnerability Scanner

              
  uses: jazzsequence/action-wordpress-vulnerability-scanner@1.0.1
Learn more about this action in jazzsequence/action-wordpress-vulnerability-scanner

Choose a version

WordPress Vulnerability Scanner Action

GitHub Workflow Status GitHub Workflow Status Shellcheck Status GitHub GitHub release (latest by date)

A GitHub action that can be used to run vulnerability checks using the 10up WP-CLI Vulnerability Scanner.

Inputs

api-provider

The Vulnerability API provider to use. Supported values are wordfence, patchstack and wpscan. Default wordfence.

api-token

The API token to use for the Vulnerability API provider. Default ''. Required if api-provider is wpscan or patchstack. (wordfence does not require an API token but does accept one for more robust scanning.)

type

The type of scan to run. Supported values are plugin and theme. core is supported in an experimental state. Default plugin.

name

The name of the plugin or theme to scan. Defaults to the name of the repository.

Example usage

uses: jazzsequence/action-wordpress-vulnerability-scanner@v1
with:
  api-provider: 'patchstack'
  api-token: ${{ secrets.PATCHSTACK_API_TOKEN }}
  type: 'plugin'
  name: 'my-plugin'