composer require umutphp/wp-vulnerability-check 

 ./wp-vulnerability-check --help --------------------------- WP Vulnerability Check version 0.2.2 --------------------------- Usage: wp-vulnerability-check [options] Options: --config Full path for the YAML config file. A sample config file is .wvc.yml.sample in root folder. CLI arguments override the values in config file. --path Full path of your WordPress installation. --plugins-path Relative path of the plugin folder. It is optional. Please specify if you don't use default plugin folder.  --mu-plugins-path Relative path of the mu plugin folder. It is optional.  Please specify if you don't use default mu plugin folder. --themes-path Relative path of the theme folder. It is optional. Please specify if you don't use default theme folder.  --token Token got from wpscan.com  --exclude Exclude the plugins given in comma separated format.  --output The format of output. Valid values JSON, READABLE, HTML,  NO (Default).  --no-colors Disable the console colors. It is enabled by default.  --version Show version.  --help Print this help. 

$ ./wp-vulnerability-check --path /path/to/plugins/ --token token --output readable Checking WordPress version ... . ------------------------------------------------------------ Vulnerability Details Checking plugins... ....... Checked 7 plugins in 2 second, no vulnerability found. The plugins which are not in WPScan Vulnerability Database; akismet, custom-css-js, hello, multisite-clone-duplicator, wp-migrate-db, base, mu-autoloader. PS: You can exclude your custom plugins with --exclude parameter. Checking theme... . Checked 1 theme in 0.2 second, no vulnerability found. The theme which is not in WPScan Vulnerability Database; simple-days. PS: You can exclude your custom themes with --exclude parameter.