Skip to content
Scan script for a quick security check of all installed WordPress instances on a Linux server!
Branch: master
Clone or download
Latest commit ca06af6 Nov 28, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information. Renamed license file for better output on GitHub Apr 10, 2019
MAINTAINERS Added readme, maintainers and license Mar 25, 2019 Update Nov 28, 2019
installer Rename project Apr 12, 2019
screenshot.png Release 1.2.5 May 23, 2019
wpchk.phar Release 1.3.0 Jun 27, 2019

WPchk powered by Plesk

Plesk WPchk is a WordPress Security checker tool to analyze the security status of all WordPress instances on a Linux server.

It will not make any changes, but display security issues found for each of the found WordPress instances. We are happy to receive your feedback at

How to use

  1. Download and install the standalone script using this command in your terminal:

    curl > wpchk-installer && sh wpchk-installer

  2. Run the script with this command:


That's it!

WPchk powered by Plesk

Additional options

Displays the help page:

wpchk --help

Updates WPchk to the latest version to include latest security checks:

wpchk --update

Outputs scan results in the JSON format:

wpchk --json

Scan specific path only (can also be combined with --json):

wpchk --path=/var/www/vhosts/

Shows WPchk version:

wpchk --version

How to fix

Get the WordPress Toolkit to fix all issues with one click and stay always up-to-date & secure:

If you have any questions or feedback, please don't hesitate to contact us:

Technical Requirements

The minimum required PHP version is 5.4 due to WP-CLI dependency.


Licensed under the Plesk Software License. You may obtain a copy of the License at

You can’t perform that action at this time.