You can follow the recent results of the Plugin Security Scorecard through the tool's Bluesky account.

• Password Policy Manager     C+
• Product FAQ for Woocommerce     C
• Login Lockdown     D+
• Headers Security Advanced & HSTS WP     C
• Admin and Site Enhancements (ASE)     C
• Titan Anti-spam & Security     F
• WP Hide & Security Enhancer     D
• Mythic Cerberus     C+
• BBQ Firewall     D+
• Duplicate Post     C+
• Solid Security     F
• Malcure Malware Scanner     C+
• Sucuri Security     D+
• AcyMailing     C+
• Wordfence Security     F
• SecuPress Free with Simple SSL     F
• BulletProof Security     F
• BitFire Security     F
• All-In-One Security (AIOS)     F
• WP Ghost (Hide My WP Ghost)     F
• NinjaFirewall (WP Edition)     D
• Anti-Malware Security and Brute-Force Firewall     D
• Developer Tools Blocker     C
• Houzez WooCommerce Addon     C
• HTTP Headers     C
• Trustpilot Reviews     C+
• Quantity Plus Minus Button for WooCommerce     C+
• Product Variations Swatches for WooCommerce     C+
• Back In Stock Notifier for WooCommerce     D
• Customer Reviews for WooCommerce     C
• Smart Coupons For WooCommerce Coupons     C+
• Min and Max Quantity for WooCommerce     C+
• Direct checkout, WooCommerce Single page checkout , WooCommerce One page checkout     C+
• Chatway Live Chat     C+
• Tidio     B
• Smartsupp     C+
• Top Bar     C+
• Omnisend for WooCommerce     C+
• DePay for WooCommerce     B
• Post Views Counter     B
• Live Sales Notifications for WooCommerce     C+
• Click to Chat     B
• LeadConnector     C+
• Hide Admin Bar Based on User Roles     C+
• Regenerate Thumbnails     C
• SiteGround Migrator     C+
• OneSignal     B
• Super Page Cache     C+
• jQuery Pin It Button for Images     D+
• Ultimate Post Kit Addons For Elementor     C+
• Survey Maker     C+
• My Sticky Bar     C+
• Simple Custom Post Order     B
• Customizer Export/Import     C+
• Email Verification, Email OTP, Block Spam Email, Passwordless login, Magic Login     C+
• Station Pro     D+
• Gellum Business Hours for WooCommerce     B
• Debloat     C
• Secure Custom Fields     B
• ProfilePress     C
• Enlighter     C
• AudioIgniter Music Player     B
• Xpro Theme Builder For Elementor     B
• Ansar Import     C+
• EasyTest     C
• SearchWP Live Ajax Search     F
• گرویتی فرم فارسی     C+
• WP Redis     C+
• Redis Object Cache     D+
• Slider by Soliloquy     F
• NextGEN Gallery     F
• Cookie Notice & Consent Banner for GDPR & CCPA Compliance     B
• CookieYes     B
• Turn Rank Math FAQ Block to Accordion     C+
• Blocksy Companion     C
• Shutterstock     C
• Ninja Forms     F
• TI WooCommerce Wishlist     C+
• Timber     F
• Clean Image Filenames     B
• WP All Export     C
• WP Export     D+
• SureCart     C
• OG     C
• Creative Mail     C
• Burst Statistics     F
• WooCommerce Square     C
• WooCommerce added to cart popup (Ajax)     B
• Ultimate Gift Cards for WooCommerce     B
• Side Cart Woocommerce     C+
• BackWPup     F
• GeoDirectory     C
• Cost of Goods     B
• Import Export Suite for CSV and XML Datafeed     F
• User Feedback     F
• Image Optimizer     F
• ACF Content Analysis for Yoast SEO     B
• Table of Contents Plus     F
• SQLite Object Cache     C+
• Smush Image Optimization     F

Check Another Plugin

Choose WordPress plugin available in the Plugin Directory to check by searching on its name or slug:

Choose a category to see a comparison of all the WordPress plugins already graded from that category:

Choose ClassicPress plugin to check by searching on its name or slug:

Check Plugin Not in WordPress Plugin Directory

Subscribers of our service can submit ZIP files of plugins that are not in the WordPress Plugin Directory to have them checked. (Not all issues can be checked for with uploaded plugins, as they require data not available with just the plugin's files.) You can sign up for the service for free here. For existing subscribers, once you are logged in to your account, return to this page to access that functionality.

The results of these gradings will not be stored.

About the Scorecard

The Plugin Security Scorecard grades plugins' handling of security based on data coming from the Plugin Vulnerabilities service, checking over the contents of the plugin, the WordPress.org API, and data generated specifically for the tool. It provides a useful, but incomplete, understanding of the security posture of the plugin and its developer. All the issues identified are ones that the developer of the plugin has the ability to address to get the grade of the plugin up to an A+.

Grades are calculated based on issues with any of the following:

• Plugins known to be vulnerable
• Plugin developers with track records of improperly handling security problems
• Security issues in the plugin that can be detected in an automated fashion
• Issues with the developer's developerment processes that suggest that their could be problems with security
• Plugins making unsupported, misleading, and false claims about their handling of security and the handling of security with WordPress

We are working to expand and refine the tools' ability to provide a good measure of plugins' security status. If you are aware of an additional security concern with this plugin that isn't represented here, please contact us. Other feedback on the tool is also welcome.

If you want a comprehensive understanding of the security of the plugin, a well-done security review is really needed to provide that.