WP-CLI command to check active WordPress plugins against the Wordfence Intelligence V3 vulnerability feed.
- WP-CLI
- WordPress site context
WORDFENCE_API_KEYenvironment variable
wp package install https://github.com/szepeviktor/plugin-vulnerability.gitWORDFENCE_API_KEY="<your Wordfence v3 API key>" wp plugin vulnRegister a free account: https://www.wordfence.com/sign-in/?action=register
- The command checks active plugins only.
- It fails fast on feed/schema mismatches and unmatched active plugin slugs.