Jetpack Protect


Jetpack Protect is a free security plugin for WordPress that scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats and malware.

What does Jetpack Protect check for?

Jetpack Protect scans your site on a daily basis and warns you about:

  • The version of WordPress installed, and any associated vulnerabilities
  • What plugins are installed and any related vulnerabilities
  • What themes are installed and any associated vulnerabilities

Over 25,000 registered malware and vulnerabilities in our database

WordPress security is something that evolves over time. Jetpack Protect leverages the extensive database of WPScan, an Automattic brand. All vulnerabilities and malwares are entered into our database by dedicated WordPress security professionals and updated constantly as new information becomes available.

Easy to setup and use

There’s nothing to configure – the setup process is as easy as:
1. Install and activate the plugin
2. Set up it with one click.

After you activate the plugin, Jetpack Protect will run daily automatic malware scans on your WordPress site and update you on vulnerabilities associated with your installed plugins, themes, and WordPress core.


This is just the start!

We are working hard to bring more features and improvements to Jetpack Protect. Let us know your thoughts and ideas!

Further reading


  • Focus on running your business while Jetpack Protect automatically scans your site.
  • Keep your site one step ahead of security threats and malware.
  • View all the found vulnerabilities in your site and learn how to fix them.


How does Jetpack Protect help your WordPress Site security?

Protect is a free WordPress security and malware scanner plugin that scans your site and lets you know possible malware and security threats on your installed plugins, themes, and core files.

Does this plugin require the Jetpack plugin to work?

Jetpack Protect does not require the Jetpack plugin to run and secure your site.

What are the differences between Jetpack Protect, Jetpack Scan, and WPScan plugins?

Jetpack Protect and Scan do not have any limit on the number of plugins and themes you can scan. WPScan has a daily cap based on your API usage.

For now, in Jetpack Protect, you can track your scan results only through the plugin’s dashboard. Jetpack Scan and WPScan have additional notifications such as email.

Jetpack Protect runs daily automated scans. Jetpack Scan and WPScan provide on-demand scan options on top of automatic scans.

Jetpack Scan has one-click fixers for most vulnerabilities. Protect does not have any fixers at this time, but it provides “how-to-fix” guides so that you can fix vulnerabilities manually.

Jetpack Protect and WPScans are standalone plugins that don’t need additional plugins to run, while Jetpack Scan needs the Jetpack plugin to work.

Jetpack Protect is a free plugin, and WPScan has free and paid options. On the other hand, Jetpack Scan is a paid plugin that you can purchase with a 14-day money-back guarantee. As with other paid Jetpack plugins, Scan users also have access to our priority support.

Will Jetpack Protect work on my local site?

Jetpack Protect requires a publicly accessible site to perform the vulnerability scan.

How will I know if Jetpack Protect has found WordPress security vulnerabilities and malware?

You can visit Jetpack Protect dashboard in your WordPress admin panel to see the security threats and malware found by the integrated malware scanner.

What do I do if Jetpack Protect finds a security threat?

When the malware scanner finds a security threat, you can view the recommended actions on the Jetpack Protect dashboard to secure your sites.

Can I set the time of the daily security scan?

It is not possible to set a time for the automated daily scans run by the integrated malware scanner.

Why do I need WordPress security and malware scan?

A hacked WordPress site can cause serious damage to your business revenue and reputation. Jetpack Protect scans your site and lets you know possible malware and security threats on your installed plugins, themes, and core files.

Where can I learn more about WordPress security and malware threats?

To learn how to achieve better WordPress security, see this guide. On the Jetpack Blog, you can find many more articles written by the top WordPress security experts.

Is Jetpack Protect the same thing as the Protect feature in the Jetpack plugin?

The new Jetpack Protect plugin is different from the Jetpack feature formerly known as Protect (now renamed Brute Force Attack Protection).
The features of the new Jetpack Protect plugin are not included in the Jetpack plugin, and both plugins can be installed together without any issues.


October 1, 2022
The scan took about 1 min. The result was satisfactory. After I uninstalled it, I will try it next month although I usually update things on time. Latest results as of septiembre 30th All vulnerabilities 0 Plugins Advanced Custom Fields PRO Connects - MailWizz Addon Convert Plus Google Analytics Jetpack Jetpack Protect Woo Checkout Editor WooCommerce WP Cost Estimation & Payment Forms Builder Yoast SEO Themes Pro & Child Theme No vulnerabilities found The last Protect scan ran and we didn't find vulnerabilities. In the footer there was a sale of the creator's services: Jetpack Security (10GB) €287.40 Discount for the first year €131.40 Plan subscription: €287.40 per year`
June 2, 2022
Unlike many bloated security plugins, this plugin seems to have all the necessary core features, without any BS. It's a positive development that Jetpack is splitting all the many features into their own plugins so you can pick and choose what features you need. The only downside I've noticed is that the plugin doesn't work if your site is hosted in a local development environment.
Read all 3 reviews

Contributors & Developers

“Jetpack Protect” has been translated into 17 locales. Thank you to the translators for their contributions.

Translate “Jetpack Protect” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.


1.1.2 – 2022-11-30


  • changed description and author
  • Updated package dependencies.