=== SiteShield ===
Contributors: michaelfrankland
Tags: security, scanner, hardening, rest api, xml-rpc
Requires at least: 6.0
Tested up to: 6.9
Requires PHP: 7.4
Stable tag: 1.0.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Check your WP site in 10 seconds. Run a one-click quick scan and see clear Critical, Warning, and Safe findings with attacker-visible evidence.

== Description ==

SiteShield gives WordPress site owners a fast security snapshot in one click.

No noisy logs. Just clear results:

* Critical findings
* Warning findings
* Safe checks
* "Show me what an attacker can see" evidence panel

This plugin is intentionally tight and fast for V1.

= Included quick checks =

* Public REST API endpoints
* Exposed user data (author records, possible email leakage)
* Debug mode enabled
* Directory listing enabled
* Basic wp-config exposure probes
* Known risky plugins (simple version checks)
* Missing security headers
* XML-RPC enabled
* Admin path discoverability

= VibeShield for Mac upsell =

SiteShield includes a built-in CTA to continue with VibeShield for Mac for deeper scans, richer reports, and advanced fix suggestions.

== Installation ==

1. Upload the `siteshield` plugin folder to the `/wp-content/plugins/` directory, or upload the plugin zip from the WordPress Plugins screen.
2. Activate the plugin through the `Plugins` screen in WordPress.
3. Open `SiteShield` in the WordPress admin menu.
4. Click `Run quick scan`.

== Frequently Asked Questions ==

= Does SiteShield change my site configuration? =

No. SiteShield V1 is read-only and performs lightweight checks.

= Will this slow down my site? =

No. Scans run on-demand from wp-admin and are designed to complete quickly.

= Is this a full penetration test? =

No. This is a fast, practical quick scan. Use VibeShield for Mac for deeper analysis and reporting.

= Who can run scans? =

Only users with `manage_options` capability (typically administrators).

== Screenshots ==

1. SiteShield dashboard with one-click quick scan button
2. Critical / Warning / Safe result columns
3. "Show me what an attacker can see" evidence panel

== Changelog ==

= 1.0.0 =
* Initial release
* One-click quick scan
* Critical / Warning / Safe findings output
* Attacker-visible evidence panel
* VibeShield for Mac CTA

== Upgrade Notice ==

= 1.0.0 =
Initial release of SiteShield.
