
wpscan

wpscan scans WordPress sites for security issues, out-of-date plugins and themes, and more.

Basic scan of a site with an API key

wpscan --url https://yoursite.com --api-token XXX

Basic scan with a random user agent string, ignored redirects, and ALL plugins tested for vulnerabilities

wpscan --url https://yoursite.com --random-user-agent --api-token XXX --ignore-main-redirect -e ap

Scan and save output

wpscan --url https://yoursite.com --api-token XXX -o savedoutput -f [json/cli-no-colour/cli-no-color/cli]
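
Triage a saved JSON report

A report saved with -f json can be reduced to a patch list with a short script. This is an added example, not part of the original notes or of wpscan itself; the field names (plugins, version.number, outdated, latest_version, vulnerabilities, fixed_in) are assumed from wpscan's JSON output, and the sample report and plugin slugs are constructed.

```python
import json

# Constructed sample in the shape of a wpscan JSON report. Field names are an
# assumption based on wpscan's JSON formatter; slugs and versions are made up.
SAMPLE_REPORT = json.dumps({
    "target_url": "https://yoursite.com/",
    "plugins": {
        "example-forms": {
            "outdated": True, "latest_version": "2.4.0",
            "version": {"number": "2.1.0"},
            "vulnerabilities": [
                {"title": "Constructed finding A", "fixed_in": "2.2.5"},
                {"title": "Constructed finding B", "fixed_in": "2.3.0"},
            ],
        },
        "example-cache": {
            "outdated": True, "latest_version": "1.9",
            "version": None,  # version could not be fingerprinted
            "vulnerabilities": [],
        },
        "example-seo": {
            "outdated": False, "latest_version": "5.0",
            "version": {"number": "5.0"}, "vulnerabilities": [],
        },
    },
})

def version_key(v):
    # Compare dotted versions numerically; non-numeric parts sort as 0.
    return [int(p) if p.isdigit() else 0 for p in v.split(".")]

def triage(report_text):
    """Return (slug, installed, action) rows for plugins needing attention."""
    report = json.loads(report_text)
    rows = []
    for slug, info in sorted((report.get("plugins") or {}).items()):
        installed = (info.get("version") or {}).get("number") or "unknown"
        vulns = info.get("vulnerabilities") or []
        if vulns:
            # The highest fixed_in across findings is the minimum safe version.
            fixes = [v["fixed_in"] for v in vulns if v.get("fixed_in")]
            fix = max(fixes, key=version_key) if fixes else "no fix listed"
            rows.append((slug, installed, f"{len(vulns)} vuln(s), fixed in {fix}"))
        elif info.get("outdated"):
            rows.append((slug, installed, f"outdated, latest {info.get('latest_version')}"))
    return rows

if __name__ == "__main__":
    for row in triage(SAMPLE_REPORT):
        print("%-15s %-8s %s" % row)
```

To run it against a real report, pass the contents of the file written by -o to triage() instead of SAMPLE_REPORT.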