November 2, 2023

WordFence CLI 2.0.1 update introduces free vulnerability scanning

WordFence CLI 2.0.1, innovative protection with free vulnerability scanning for WordPress security.

WordFence CLI

In the dynamic world of web security, it is essential to stay updated with the latest tools and techniques to protect our websites from the various dangers that threaten them on a daily basis. One tool that is emerging as an essential in every developer and IT professional's toolkit is WordFence CLI, especially with its latest update that deserves our attention.

WordFence, already known for its malware detection capabilities, has reached a new milestone with version 2.0.1, introducing free vulnerability scanning. This feature has been the most requested since the CLI product launched at WordCamp US two months ago, and is now available to users.

For those unfamiliar with WordFence, it is a well-known name in web application security, particularly appreciated for its Web Application Firewall, malware scanner, and login security products. The plugin, available for free, is installed on over 4 million websites, demonstrating its popularity and reliability.

The WordFence CLI is the first command-line malware and vulnerability scanner ever made for WordPress servers. The goal is to provide an indispensable tool for developers, site cleaners who need to analyze large numbers of files, agencies and hosting companies who want to scan entire networks of millions of customers.

Vulnerability scanning in WordFence CLI 2.0.1 uses our open vulnerability database. The database is completely free and includes open APIs along with web hooks, so developers can build real-time alert systems into their applications. Our mission is to protect the web, and we believe that having an open vulnerability database, with an open source, robust, high-performance vulnerability scanner for servers, aligns with this goal.

Since most vulnerabilities come from the research community, we believe they are public property, while some companies charge for their vulnerability collection, we do not believe it is appropriate to resell what is publicly owned, which is why we have created a open and completely free vulnerability database.

said Mark Maunder, CEO of WordFence.


CLI vulnerability scans use the WordFence Intelligence Vulnerability API feed, which is free for both personal and commercial use. Contains more than 12.250 unique vulnerability records covering 7.600 plugins and themes. The WordFence team adds an average of 82 new vulnerabilities per week.

Version 2.0.1, dubbed “Voodoo Child,” simplifies installation so users no longer have to visit the WordFence site to get an API key. The tool fetches the API key in the background, making it easier to get started.

WordFence Cli Example

WordFence CLI is licensed under GPLv3 and is available on GitHub, along with documentation for installing, configuring, and running the application.

“WordFence CLI is one of those projects where the product roadmap writes itself, because there is such an obvious need for a powerful tool like this in the WordPress server administration space,” said Matt Barry, lead developer at WordFence. “We are in this for the long haul and will continue to invest heavily in WordFence CLI, with your guidance.”

Visit the official WordFence website for more information and download access.

The importance of a system like WordFence CLI cannot be emphasized enough, especially in an era where cyber attacks are commonplace. Not only does it identify known and potentially harmful vulnerabilities, it also provides a crucial layer of security that can save website operators from headaches, financial losses and reputational damage.

Vulnerabilities can come in various forms, such as bugs in the code, incorrect configurations, or deprecated plugins and themes. A vulnerability scanner like the WordFence CLI helps spot these pitfalls before they can be exploited, through an automatic scanning process that compares site components to an updated database of known vulnerabilities.

In addition to detecting problems, it is critical to act promptly to mitigate any identified risks. This may include updating plugins and themes, fixing incorrect configurations, or patching vulnerable code. Prompt action can make the difference between a safe site and one exposed to unacceptable risks.

Furthermore, vulnerability scanning tools are just one part of a larger set of security practices that every website should adopt. These include data encryption, multi-factor authentication, regular backups and user education on cybersecurity.

Web security is an ongoing, evolving process that requires vigilance and dedication. With tools like WordFence CLI, system administrators and developers can sleep easier knowing they have a powerful resource to keep their sites safe.

The WordFence CLI update to 2.0.1 represents a significant step forward in the fight against web vulnerabilities. By providing a free and robust vulnerability scanner, WordFence is helping create a safer online environment for everyone. It's an example of how innovation and openness can go hand in hand in improving Internet safety. For Linux hosting and systems companies focused on web performance, like ours, the integration of tools like WordFence CLI is essential to guarantee the security and reliability of the services offered to customers.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.


Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.


Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top