Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 4,264,121
Active installs: 10,000
Total reviews: 47
Average rating: 3.9
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 1 language(s)
Contributors: 1
Last updated: 12/3/2025 (27 days ago)
Added to WordPress: 6/7/2012 (13 years old)
Minimum WordPress version: 3.3.2
Tested up to WordPress version: 6.9
Minimum PHP version: f

Maintenance & Compatibility

Maintenance score

Actively maintained • Last updated 27 days ago • 47 reviews

74/100

Is Quttera ThreatSign – Web Malware Scanner for WordPress abandoned?

Likely maintained (last update 27 days ago).

Compatibility

Requires WordPress: 3.3.2
Tested up to: 6.9
Requires PHP: f

Ratings

33
1
1
1
11See all reviews

Developers

quttera (Owner)1

Languages

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

No similar plugins found yet.
See more alternatives to Quttera ThreatSign – Web Malware Scanner for WordPress

Description

Quttera ThreatSign – Web Malware Scanner protects your WordPress website from malware, injected code, 0-day threats, and blacklist warnings.
Powered by Quttera’s AI-driven heuristic engine, the scanner detects malicious PHP, obfuscated JavaScript, hidden iframes, redirects, spam, SEO malware, and credit-card skimmers targeting checkout pages.
The plugin performs on-demand scans directly from your WordPress admin and checks your domain against more than 40 global security authorities, including Google, McAfee, Norton, and Yandex.
Detection capabilities are continuously enhanced using insights from Quttera’s worldwide threat intelligence network.
For complete protection—including automated malware removal, scheduled scanning, WAF, and 24/7 monitoring—you can upgrade to a ThreatSign Website Security plan.

Features:

  • One-click on-demand scans from WP admin
  • 0-day (unknown threat) detection via heuristic & behavioral analysis
  • Detection of malicious PHP (backdoors, shells, injections)
  • Detection of obfuscated or polymorphic JavaScript
  • Identification of malicious iframes, redirects & hidden links
  • Detection of spam & SEO malware
  • Checkout skimmer detection
  • Inspection of WordPress core file integrity
  • Detection of alien or unauthorized files in core directories
  • External links and outbound reference analysis
  • Blacklist checks across 40+ security authorities
  • Cloud-based scanning to reduce server resource load
  • Detailed investigation reports with severity levels

If you need malware removal assistance, contact us at [email protected] or sign up for any
of our ThreatSign annual plans, which include cleanup & blacklist removal:
https://quttera.com/anti-malware-website-monitoring-signup

Credits

Plugin’s other home

Installation

  1. Download the plugin.
  2. Go to the WordPress Plugins menu and activate it.
  3. That’s it!

Frequently Asked Questions

How is this plugin different from similar plugins?

This plugin uses Quttera’s unique, patented malware scanning and detection technology. Its multi-layered heuristic engine gathers intelligence from the analyzed system and digests it into weighted rules to detect malicious code. A self-learning mechanism updates the ruleset using Quttera’s worldwide threat intelligence network.

What does the plugin detect?

The scanner identifies a wide range of threats, including:

  • Obfuscated JavaScript
  • Injected or malicious PHP code
  • Hidden iframes, redirects, and links
  • Spam and SEO malware
  • Card skimmers targeting WooCommerce checkout pages
  • Suspicious external links
  • Backdoors and PHP shells
  • Infected or modified WordPress core files

Heuristic and AI-powered analysis enables detection of new or unknown malware, not just known signatures.

What do I get for free with the plugin?

The free version includes:

  • On-demand scans from the WordPress admin
  • Blacklist checks across 40+ services
  • Malware detection (JS, PHP, backdoors, spam, iframes, skimmers, etc.)
  • Investigation report with severity levels:
    • Clean
    • Potentially Suspicious
    • Suspicious
    • Malicious

To enhance protection, upgrade to ThreatSign Website Security.

What is the heuristic scan?

Traditional scanning uses signature matching. Heuristic scanning uses rules, weight-based systems, emulators, flow analyzers, and statistical methods to detect potentially malicious functionality, even in previously unknown threats.

What to do if plugin detects something suspicious?

Quttera’s severity levels indicate potential risk. If you’re unsure whether a detection is harmful, our team can help. Contact us via ticket at https://helpdesk.quttera.com, email [email protected], or the plugin’s WordPress Support Forum.

Do you offer paid services?

Yes. Our ThreatSign Website Security plans provide:

  • Expert malware cleanup
  • Automatic malware removal
  • Continuous & scheduled scans
  • Web Application Firewall (WAF)
  • DDoS protection & mitigation
  • Blacklist removal (40+ authorities)
  • 24/7 monitoring & protection

Learn more: https://quttera.com

Why does the screen freeze or go blank during scan?

This usually happens if your hosting assigns only one PHP worker. The scan process occupies the only worker, temporarily blocking the site until the scan completes.

Why when I click Scan Now nothing happens?

Ensure JavaScript is enabled and your firewall isn’t blocking plugin requests. The plugin communicates with the backend via JavaScript-generated HTTP requests.

How can I send you the investigation report?

Use the “Download Report” button, save the file, and send it to us via https://helpdesk.quttera.com/open.php.

Why does the internal scan show 0 scanned files?

Your hosting may not allow WordPress Cron to function properly.
You can enable an alternative cron method by adding this line to wp-config.php:

define(‘ALTERNATE_WP_CRON’, true);

How to submit undetected samples?

Submit them via: https://helpdesk.quttera.com/open.php

Questions about investigation process

For questions about investigation process please refer to http://quttera.com or post in the Support section here.

Review feed

No reviews available

Screenshots

  1. Quttera Web Malware Scanner for Word Press

    Quttera Web Malware Scanner for Word Press

Changelog

3.5.2.20

  • Added new detection rules

3.5.2.1

  • Fixed vulnerability type: Stored XSS Administrator+ role Affected Plugin. Thanks to Artyom Krugov for reporting and helping to improve our plugin.
  • Fixed vulnerability type: Server-Side Request Forgery. Thanks to Jonas Benjamin Friedli for reporting and helping to improve our plugin. CVE-2025-8013.

3.5.1.41

  • Added new detection rules

3.5.0.1

  • Added new detection rules
  • Added new GUI

3.4.2.1

  • Added new detection rules
  • Fixed vulnerability types: Directory Listing and Path Traversal. Thanks to Dmitrii Ignatyev for reporting and helping to improve our plugin.

3.4.0.1

  • Added capability to ignore specific files or directories

3.3.0.22

  • Added capability for high sensitive and normal scans

3.2.1.97

  • Added new detection rules

3.1.1.0

  • Fixed presentation of investigation report

3.0.21.17

  • Added new SEO/malware/ransomware detections

3.0.9.1

  • Added admin user verification on internal scan

3.0.8.65

  • Added new SEO/malware/ransomware detections

3.0.8.1

  • Fixes for 4.8.2 and new backdoor samples

3.0.7.45

  • Added new malware/shell samples

3.0.7.22

  • Added new spam samples

3.0.7.21

  • Added new spam samples

3.0.7.20

  • Added new malware shell

3.0.7.0

  • Added new malicious ads detection

1.0.0

  • Initial public release
Back to plugins