The security experts at Sucuri are recommending that their clients use the black box scanner WPScan.
The scanner checks websites for vulnerabilities in the WordPress core, plugins and themes. Additionally, the plugin is informed about weak passwords, as well as problems with user and security configuration. The wpvulndb.com database check for unprotected software and the WPScan team add to the ever-growing list of security vulnerabilities.
WPScan should always be updated before a security scan so that the most current database can be used. Any time a security issue is flagged, the user can take steps such as updating software or deactivating plugins or themes to make their site as secure as possible.
WPScan is sponsored by Sucuri and can be downloaded today.