If you are keen on discovering new plugins and would like to find which plugins a WordPress-powered site is using, here is how you can do it. Though you can try to find the plugins being used on a particular site, there is no way the entire list of plugins being used can be detected.
Method 1 – WPThemeDetector
Though this tool is primarily used to detect the WordPress theme being used in any particular site, it can also be used for detecting plugins. Out of 20 active plugins used on my demo site for testing purposes, it was able to detect 5 plugins and the theme being currently used.
The detected theme was Magazine Pro Genesis Child theme by StudioPress and the detected plugins were Author hReview, MashShare Social Media Share Buttons, Jetpack by WordPress.com, Forget About Shortcode Buttons and WP Rocket.
Method 2 – View Source Code
Below are the keyboard commands for viewing a webpage’s source code on a PC or Mac.
- Firefox – CTRL + U (Meaning press the CTRL key on your keyboard and hold it down. While holding down the CTRL key, press the “u” key.) Alternatively, you can go to the “Firefox” menu and then click on “Web Developer,” and then “Page Source.
- Internet Explorer – CTRL + U. Or right-click and select “View Source.”
- Chrome – CTRL + U. Or you can click on the weird-looking key with three horizontal lines in the upper right hand corner. Then click on “Tools” and select “View Source.”
- Opera – CTRL + U. You also can right-click on the webpage and select “View Page Source.”
- Safari – The keyboard shortcut is Option+Command+U. You also can right-click on the webpage and select “Show Page Source.”
- Firefox – You can right-click and select “Page Source” or you can navigate to your “Tools” menu, select “Web Developer,” and click on “Page Source.” The keyboard shortcut is Command + U.
- Chrome – Navigate to “View” and then click on “Developer” and then “View Source.” You also can right-click and select “View Page Source.” The keyboard shortcut is Option+Command+U.
You can either see something like added by plugin name or you can search for ‘wp-content/plugins/’ in the source code to see the list of plugins being used. Also you can look for comments in the source code like the below snippets.
- The Yoast SEO plugin adds something like
<!-- This site is optimized with the Yoast SEO plugin v3.8 - https://yoast.com/wordpress/plugins/seo/ -->
- Social Warfare Plugin adds
<!-- Social Warfare v2.2.0 http://warfareplugins.com -->
- DuracellTomi’s Google Tag Manager for WordPress adds
<!-- Google Tag Manager for WordPress by DuracellTomi - http://duracelltomi.com -->
- Author hReview Pro adds
<!-- This site is optimized with the Author hReview Pro Plugin 188.8.131.52.5 by http://authorhreview.com -->
- OptinMonster adds
<!-- This site is converting visitors into subscribers and customers with OptinMonster - http://optinmonster.com -->
- Google Tag Manager adds
<!-- Google Tag Manager (noscript) -->
- W3 Total Cache adds
<!-- Performance optimized by W3 Total Cache. Learn more: https://www.w3-edge.com/products/ -->
- WP Rocket adds
<!-- This website is like a Rocket, isn't it ? Performance optimized by WP Rocket. Learn more: http://wp-rocket.me -->
Method 3 – WPScan (Advanced)
WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues. Using this tool, we will also be able to find the list of installed WordPress plugins. To use this tool, you need to have Kali Linux installed either on your PC or in virtual environments like VMware/Oracle VM VirtualBox.
To use this tool properly, follow the instructions at WPScan Package Description. This tool is also highly useful for detecting vulnerabilities on any WordPress powered site.
Thus I hope this tutorial has helped you in identifying new plugins used in some of your favorite WordPress powered sites. You might also be interested in reading my list of premium WordPress plugins to boost your site.