Quttera ThreatSign – Web Malware Scanner for WordPress

by quttera

Description

Quttera ThreatSign – Web Malware Scanner protects your WordPress website from malware, injected code, 0-day threats, and blacklist warnings.
Powered by Quttera’s AI-driven heuristic engine, the scanner detects malicious PHP, obfuscated JavaScript, hidden iframes, redirects, spam, SEO malware, and credit-card skimmers targeting checkout pages.
The plugin performs on-demand scans directly from your WordPress admin and checks your domain against more than 40 global security authorities, including Google, McAfee, Norton, and Yandex.
Detection capabilities are continuously enhanced using insights from Quttera’s worldwide threat intelligence network.
For complete protection—including automated malware removal, scheduled scanning, WAF, and 24/7 monitoring—you can upgrade to a ThreatSign Website Security plan.

Features:

One-click on-demand scans from WP admin
0-day (unknown threat) detection via heuristic & behavioral analysis
Detection of malicious PHP (backdoors, shells, injections)
Detection of obfuscated or polymorphic JavaScript
Identification of malicious iframes, redirects & hidden links
Detection of spam & SEO malware
Checkout skimmer detection
Inspection of WordPress core file integrity
Detection of alien or unauthorized files in core directories
External links and outbound reference analysis
Blacklist checks across 40+ security authorities
Cloud-based scanning to reduce server resource load
Detailed investigation reports with severity levels

If you need malware removal assistance, contact us at support@quttera.com or sign up for any
of our ThreatSign annual plans, which include cleanup & blacklist removal:
https://quttera.com/anti-malware-website-monitoring-signup

Credits

Quttera

Plugin’s other home

WordPress Malware Scanner

Installation

Download the plugin.
Go to the WordPress Plugins menu and activate it.
That’s it!

Screenshots

Quttera Web Malware Scanner for Word Press

Faq

How is this plugin different from similar plugins?

This plugin uses Quttera’s unique, patented malware scanning and detection technology. Its multi-layered heuristic engine gathers intelligence from the analyzed system and digests it into weighted rules to detect malicious code. A self-learning mechanism updates the ruleset using Quttera’s worldwide threat intelligence network.

What does the plugin detect?

The scanner identifies a wide range of threats, including:

Obfuscated JavaScript
Injected or malicious PHP code
Hidden iframes, redirects, and links
Spam and SEO malware
Card skimmers targeting WooCommerce checkout pages
Suspicious external links
Backdoors and PHP shells
Infected or modified WordPress core files

Heuristic and AI-powered analysis enables detection of new or unknown malware, not just known signatures.

What do I get for free with the plugin?

The free version includes:

On-demand scans from the WordPress admin
Blacklist checks across 40+ services
Malware detection (JS, PHP, backdoors, spam, iframes, skimmers, etc.)
Investigation report with severity levels:
- Clean
- Potentially Suspicious
- Suspicious
- Malicious

To enhance protection, upgrade to ThreatSign Website Security.

What is the heuristic scan?

Traditional scanning uses signature matching. Heuristic scanning uses rules, weight-based systems, emulators, flow analyzers, and statistical methods to detect potentially malicious functionality, even in previously unknown threats.

What to do if plugin detects something suspicious?

Quttera’s severity levels indicate potential risk. If you’re unsure whether a detection is harmful, our team can help. Contact us via ticket at https://helpdesk.quttera.com, email support@quttera.com, or the plugin’s WordPress Support Forum.

Do you offer paid services?

Yes. Our ThreatSign Website Security plans provide:

Expert malware cleanup
Automatic malware removal
Continuous & scheduled scans
Web Application Firewall (WAF)
DDoS protection & mitigation
Blacklist removal (40+ authorities)
24/7 monitoring & protection

Learn more: https://quttera.com

Why does the screen freeze or go blank during scan?

This usually happens if your hosting assigns only one PHP worker. The scan process occupies the only worker, temporarily blocking the site until the scan completes.

Why when I click Scan Now nothing happens?

Ensure JavaScript is enabled and your firewall isn’t blocking plugin requests. The plugin communicates with the backend via JavaScript-generated HTTP requests.

How can I send you the investigation report?

Use the “Download Report” button, save the file, and send it to us via https://helpdesk.quttera.com/open.php.

Why does the internal scan show 0 scanned files?

Your hosting may not allow WordPress Cron to function properly.
You can enable an alternative cron method by adding this line to wp-config.php:

define(‘ALTERNATE_WP_CRON’, true);

How to submit undetected samples?

Submit them via: https://helpdesk.quttera.com/open.php

Questions about investigation process

For questions about investigation process please refer to http://quttera.com or post in the Support section here.

Reviews

Effective plugin for vulnerability detection

By romeroz on January 12, 2025

It just helps when you're having trouble. Nice cool job, thank you!

Highly recommended

By nmrockswp on April 11, 2024

Great tool that helps you quickly find out whether and which plugins could be affected by a data leak if you have numerous attacks on WordPress (e.g. on wp-admin). You can then replace all plugin folders with the original plugin files via FTP, done. Very good job, thank you!

Cleaned all my issues. Fantastic

By oscarma007 on February 10, 2023

It cleaned the malware on my website before it executed and gave me issues. top-notch product.

Saved my life

By rocky12 on November 5, 2022

I wasnt expecting anything from this plugin but it has saved my lots of time and money. First I removed some critical files by wordfence and tried almost all malware scanners but non of the scanners could detect the infected files, infact wordfence was showing no threat but my site was displaying the japanese letters snippet on google and had 62000 links indexed on google console. I would say Malcare did a good job in scanning the malware but it doesnt show any files because of paid service. After running this scanner it showed me some malicious files and I removed them from the control panel by myself. Book malware was disappeared scanner didnt showed site is hacked. Thanks alot guys

Useless Adware

By WilliamCampbell on June 2, 2022

Only tells you that it is paid once it has supposedly detected infectoin. This can't be trusted when the vendor is motivated to detect false positives.

Excellent

By dfyz1337 on September 16, 2021

Отличный плагин! Теперь я могу спать спокойно. Поддержка ответила очень быстро и даже просмотрела мои подозрительные файлы вручную!

Works well!

By Harald Wenzel (epiphanius1) on March 1, 2021

The Only thing is that one has to sort out and whitelist quite a lot. One remark to the review before this one: Probably Quttera is not prepared for a XXAMP-server. The problems might be caused by the different file systems on Windows.

AVOID, CONTINUOUS FALSE POSITIVES

By Andrés Sorolla (andresgs) on September 26, 2020

This security plugin is a complete fraud. Once installed on my website and performed a high sensitivity test it found no less than 5 MALICIOUS FILES, 8 POTENTIALLY SUSPICIOUS FILES AND THE WORST 1381 SUSPICIOUS FILES!!!! Suspecting that this was not true, I proceeded to perform the following test. On a computer with a freshly installed copy of the original W10, all the updates done, an updated antivirus and without any virus detection, I installed a local copy of the latest version of WordPress in XAMPP. I named this local version of WordPress Quttera in honor of these gentlemen. I installed only the Quttera plugin and performed a high-sensitivity scan on this completely new installation of wordpress and then found: 3 MALICIOUS FILES and 8 POTENTIALLY SUSPICIOUS FILES !!!! Funny, isn't it? I proceeded to install the Elementor plugin and then changed the report to: 3 MALICIOUS ARCHIVES and 11 POTENTIALLY SUSPECTIVE ARCHIVES !!!! I proceeded to perform a third test.I installed the plugin Duplicator by Snap Creek and RANK MATH SEO this time the report was: 5 MALICIOUS AND 11 POTENTIALLY SUSPICIOUS FILES !!!! These results appear in a clean WordPress installation, with no post, image, or page created, nothing! I am completely convinced that this plugin is a scam. Quttera's owners scare you with false positives and countless suspicious files with the sole aim of making you pay for disinfecting something that is not infected and fattening Quttera's wallet. I hope this test will save users the time lost trying to clean something from viruses that is definitely not infected. Wordpress should remove this plugin from its list

Worth your time and money! HIGHLY RECOMMENDED

By Faststores (faststores) on August 27, 2020

I'd like to thank the Quttera team to fix our malware issues that other great security plugins doesn't detect. The premium price is worth every penny. You don't deserve to get 1 star rating. Highly recommended so thank you very much!!

Waste of time

By pdpiotr on August 17, 2020

It see malware, but not removes until you pay. waste of time and scam like malware.

Changelog

3.5.2.32

Added new detection rules

3.5.2.1

Fixed vulnerability type: Stored XSS Administrator+ role Affected Plugin. Thanks to Artyom Krugov for reporting and helping to improve our plugin.
Fixed vulnerability type: Server-Side Request Forgery. Thanks to Jonas Benjamin Friedli for reporting and helping to improve our plugin. CVE-2025-8013.

3.5.1.41

Added new detection rules

3.5.0.1

Added new detection rules
Added new GUI

3.4.2.1

Added new detection rules
Fixed vulnerability types: Directory Listing and Path Traversal. Thanks to Dmitrii Ignatyev for reporting and helping to improve our plugin.

3.4.0.1

Added capability to ignore specific files or directories

3.3.0.22

Added capability for high sensitive and normal scans

3.2.1.97

Added new detection rules

3.1.1.0

Fixed presentation of investigation report

3.0.21.17

Added new SEO/malware/ransomware detections

3.0.9.1

Added admin user verification on internal scan

3.0.8.65

Added new SEO/malware/ransomware detections

3.0.8.1

Fixes for 4.8.2 and new backdoor samples

3.0.7.45

Added new malware/shell samples

3.0.7.22

Added new spam samples

3.0.7.21

Added new spam samples

3.0.7.20

Added new malware shell

3.0.7.0

Added new malicious ads detection

1.0.0

Initial public release