Terms of Service

By accessing or using WP Scan at wp-scan.org ("Service"), you agree to be bound by these Terms of Service. If you do not agree, do not use the Service.

WP Scan is a static code analysis tool that scans WordPress themes and plugins for known vulnerability patterns. It is provided as-is for informational and defensive security purposes. The Service does not guarantee that scanned code is free of all security issues, nor does it guarantee protection against all attacks.

You agree to use the Service only for lawful purposes and only to scan WordPress code you own, have developed, or have explicit written permission from the owner to scan. You must not:

• Use the Service to scan code you do not own or lack permission to analyse
• Upload files containing personally identifiable information about third parties
• Attempt to reverse-engineer, bypass, or abuse the scanning engine
• Use the Service to develop or improve offensive tools for unauthorised use
• Resell, sublicense, or redistribute the Service or its output without our written consent
• Deliberately overload or attack the Service infrastructure

A license key is issued to you personally and is non-transferable. It may be used on your own projects only. Sharing, reselling, or publicly disclosing your license key is prohibited and will result in immediate key revocation without refund.

The free tier is rate-limited to 5 scans per hour and supports ZIP uploads up to 20 MB. We reserve the right to adjust free-tier limits at any time to protect service availability.

Payments are processed by PayPal. All prices are in USD.

Refund eligibility: if the Service does not function as described on your server environment due to a compatibility issue on our side, you may request a full refund within 14 days of purchase by emailing support@wp-scan.org.

Non-refundable situations: refunds are not issued for change-of-mind, incompatibility due to a non-standard server configuration you control, or if a scan correctly identifies issues you prefer not to have found.

All code, design, and content of the Service are the property of WP Scan and protected by copyright and applicable IP laws. You may not reproduce or redistribute any part of the Service without prior written permission.

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. WP SCAN DOES NOT WARRANT THAT THE SERVICE WILL DETECT ALL SECURITY VULNERABILITIES IN SCANNED CODE.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WP SCAN SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES. IN NO EVENT SHALL OUR TOTAL LIABILITY EXCEED THE AMOUNT YOU PAID FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM.

We reserve the right to modify, suspend, or discontinue any part of the Service at any time. We shall not be liable to you for any modification, suspension, or discontinuation.

These Terms are governed by applicable law. Disputes shall be resolved by good-faith negotiation; if that fails, by binding arbitration or courts of competent jurisdiction.

We may update these Terms at any time. The "last updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes your acceptance.

Questions? Email us at support@wp-scan.org.