Security Analysis for:

Snyk’s security scan found the following vulnerabilities affecting your website. Ready to fix your vulnerabilities? Automatically find, fix, and monitor vulnerabilities for free with Snyk.

Fix for free

Full report

See on WebPageTest

Scan time

6:54:16 PM

Webpage Security Score


A+ is the best score you can get.
Learn more about this score.
Fix JavaScript vulnerabilities in your project with Snyk (or try the free & open source CLI) Test and protect my website

JavaScript Libraries with vulnerabilities

Note: We identified this as a WordPress website.
If you are keeping up to date with official WordPress software updates then you should be safe from vulnerable JavaScript libraries that are bundled within WordPress itself. These are often patched versions of libraries like lodash and jquery which include the security fixes by the WordPress Security Team.

We invite you to stay up to date with alert about vulnerable JavaScript libraries for your PHP projects. If you're using Composer to manage your WordPress, or other PHP projects, you can easily import Composer PHP projects to Snyk

Monitor my PHP Composer / WordPress code project

Security headers

HTTP security headers enable better browser security policies.

Successfully detected the following security headers:

New vulnerabilities are continuously found for jQuery, lodash, Angular and other libraries.
Monitor these libraries to protect your web application.

Stay up to date on CVEs by connecting your project to Snyk to receive automated notifications & fixes.
The following security headers are missing from the website:
low severity

X Content Type Options

The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions

medium severity

X Frame Options

Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location

high severity

Content Security Policy

A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context

low severity

X XSS Protection

A Cross-site scripting filter