There are many WordPress plugins out there.
Everyday, a newer and possibly more exciting WordPress plugin is launched either on the WordPress plugin repo or on some premium WordPress marketplace.
I like discovering new WordPress plugins.
I especially find it quite tempting to know what plugins a popular website is using.
There are a few ways in which you can find the list of plugins used on a WordPress blog, but there is no way to know the complete list until that blog’s plugin folder is publicly accessible or you have the FTP login info. That said, there are still a few work-arounds to getting that list of plugins.
4 Tricks to Finding Out Which WordPress Plugins Are Used on a WordPress Site
Find Plugins Using Kali OS: “WPScan” command
This is the method for techies.
You can install Kali OS on your system using Parallels or VMware. On my Mac, I use Parallels to install Kali OS.
Using the following command in Terminal for Kali will let you scan any WordPress site.
Command: WPscan -u domain.com
Here is the result from one of my sites after using the “WPScan” command:
This command is also useful for finding vulnerabilities on any WordPress site (including yours).
If you are not tech savvy, you can also use any of the other suggested methods.
Identify WordPress Plugins Using WPThemeDetector:
The same tool we use to discover themes can also be used to find the plugins list.
I used WPThemeDetector to see how accurate it is by checking the list of plugins I use here at WPSaviour.
Here are the results:
Out of 30+ plugins I use on my blog, this free tool detected 8 plugins.
Here is the list of detected plugins:
- Jetpack by WordPress.com
- Q2W3 Fixed Widget
- Google Tag manager plugin
- PushEngage plugin
I’m a little unsure of why it detected the last one (OptinMonster) as I’m not using a Facebook like box plugin. I’m actually using Facebook code to add a like box, but whatever, that’s OK as this tool detected the same plugin for almost every other blog I searched for.
Find Plugins Using Google Search:
This is what I call a quick hack and it might not work for popular WordPress blogs as they have already imposed essential security settings.
For many blogs who haven’t blocked access to their WP-content folder, you can use Google to search for the list of plugins they are using on their website.
Simply search Google with this query:
- (Replace “www.xxxxx.com” with your desired domain name)
To my surprise, one of my blogs is listing down all of its plugins:
If you see this for your blog, you can login to your Google Webmaster tool and remove the directory Wp-content/plugins/ from search engines. Make sure the directory is blocked by your robots.txt file.
This might not work in all cases, yet it is a useful trick that you should know about.
Check Source Code:
This is another method which works most of the time, especially when someone is using a premium theme. You can either see something like */added by plugin name/* or you can search for “wp-content/plugins/” in the source code to see the list of plugins.
This way you can at least find the name of many plugins used by any WordPress website on the planet.
I use these methods once in a while for popular WordPress blogs to find new plugins which might be of interest to me.
I hope this tutorial has helped you to identify a few new plugins some of your favorite WordPress sites are using. If you know of any other method of finding out which plugins are being used by a website, let me know via the comments.