I will perform oscp certified wordpress security audit and fix it

S
stefan_spasov1
S
stefan_spasov1
Stefan Spasov

About this gig

Stigli smo na Description & FAQ korak (Overview i

 Pricing su već zeleno). Evo teksta za "Description"

 polje (766 karaktera, obično je limit oko 1200, pa

 staje lako):


 Your WordPress site might be exposing more than you

 think - admin usernames, outdated core/plugins, missing

 security headers, even exposed .git or .env files with

 credentials.


 Performed by an OSCP and CEH certified penetration

 tester (23+ security certifications total). I run a

 focused security scan covering:


 - Username enumeration (wp-json/wp/v2/users)

 - Author enumeration and XML-RPC exposure

 - Exposed .env, .git files and database backups

 - WordPress core version and known CVEs

 - Security headers (CSP, HSTS, X-Frame-Options, etc.)


 You get a clear report with severity levels for every

 issue found, and exactly what needs to be fixed.

 Optional: I fix everything for you as part of the

 Standard or Premium package.


 Turnaround: 24-48h depending on package.

Respect third-party rights

Please be aware that it is against Fiverr's policies for sellers to include themes, templates, or any other elements that infringe third-party rights or applicable laws in the delivered work. Read more about in our Guide to Responsible Digital Creation.

Get to know Stefan Spasov

Stefan Spasov

Ethical Hacker,pentester,red teamer,security engineerr

  • FromSerbia
  • Member sinceJun 2026
  • Avg. response time1 hour
  • Languages

    English
Cybersecurity specialist & AI content creator from.Serbia. 23+ professional certifications including OSCP, CEH,CCNA,CompTIA A+/Security+, Cisco Penetration Testing, and Computer/Digital Forensics.help businesses with three things:1) Securing their websites — WordPress vulnerability,scans, hardening,and clear before/after reports.2) Smart contract & Web3 security—manual review+working proof-of-concept exploits (reentrancy, flash loan attacks, oracle manipulation, signature phishing), not just automated scanner output.3) AI-powered UGC video ads — talking-head,web3 crypto audit,work,no fluff