{{> header.html page_title="Must-Use Plugins" header_widgets="" }} {{> threat/free_common.html }}
{{> threat/nav.html }}

mu-plugin threat hunter

Must-use plugins load automatically on every request and do not need to be activated in wp-admin. That makes wp-content/mu-plugins/ one of the best hiding places for WordPress persistence. BitFire PRO audits that directory for malware and suspicious loaders.

Why this tab matters: attackers love mu-plugins/ because even experienced site owners forget to inspect the directory. A single malicious PHP file there can execute on every request, survive plugin reinstalls, and re-infect the rest of the site. Purchase BitFire PRO to unlock the live mu-plugin audit.
Files: {{+ plugin_count }} in mu-plugins/
OK: not checked (preview mode)
Review: not checked (preview mode)
Suspicious: not checked (preview mode)
mu-plugins

Must-use plugin files {{+ plugin_count }} total

Every .php file directly under mu-plugins/ loads on every request. This preview lists the files BitFire found, but does not score or verify them yet.

{{#has_plugins}}
{{ template:mu_row "data" }} {{ end template }} {{ render:mu_row "plugins" }}
Plugin Status
{{- data.name_display }}
{{- data.file }}
{{ data.metadata_html }}
{{ data.description_html }} {{ data.reasons_html }} {{ data.info_html }} {{ data.preview_html }}
Status: not checked
{{/has_plugins}} {{#empty_visible}}

No mu-plugins found.

The wp-content/mu-plugins/ directory is empty or does not exist.

{{/empty_visible}}

Unlock mu-plugin scanning in BitFire PRO

The mu-plugin tab is built to catch the quiet persistence files that stop a compromised site from staying clean after cleanup. Purchase BitFire PRO to inspect the auto-loaded must-use plugin path.

Especially useful when malware returns after plugin reinstalls or theme replacement.