=== Treder Security Snapshot ===
Contributors: bdtreder
Tags: security, audit, admin, report, hardening
Requires at least: 6.0
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 1.0.0
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

A lightweight WordPress security health report with a simple score, clear findings, and beginner-friendly suggested fixes.

== Description ==

Treder Security Snapshot gives WordPress site owners a simple local security health report.

It is not a firewall, malware removal tool, or all-in-one security suite. It focuses on clear visibility, practical recommendations, and easy reporting.

The free version checks common WordPress security basics and gives you a security score from 0 to 100.

= Free Features =

* Security score from 0 to 100
* Dashboard tab
* Detailed audit tab
* Scan history tab
* WordPress dashboard widget
* Beginner-friendly explanations
* Suggested fixes
* Local scan history

= Free Security Checks =

* WordPress core update status
* Plugin update status
* Theme update status
* Default admin usernames
* User enumeration risk
* XML-RPC status
* File editing status
* Debug mode status
* Directory browsing indicators
* HTTPS and SSL status
* Database prefix check
* WordPress version visibility
* Public registration status
* Inactive plugins

= Pro Upgrade =

Treder Security Snapshot Pro is planned as a companion plugin that unlocks advanced automation features.

On WordPress 7.0 and newer, Pro can optionally use the WordPress AI Client and configured AI Connectors to generate plain-English fix plans, client summaries, and monthly security notes. AI features should only explain and summarize. They should not automatically edit files or apply server changes.

Pro unlocks:

* Advanced security checks
* 1-click hardening actions
* Scheduled email reports
* Client-ready report exports
* White-label agency reports
* No upgrade banners inside the dashboard

== Installation ==

1. Upload the `treder-security-snapshot` folder to `/wp-content/plugins/`.
2. Activate the plugin from the WordPress Plugins screen.
3. Go to Tools > Security Snapshot.
4. Run your first snapshot.

== Frequently Asked Questions ==

= Is this a firewall? =

No. Treder Security Snapshot is a security health report tool. It does not block attacks.

= Does this remove malware? =

No. It does not remove malware. It checks common WordPress security settings and reports possible risks.

= Does this collect data? =

No. The plugin runs locally inside WordPress and does not send data to external services.

= Does this use remote APIs? =

No. The free plugin does not call external APIs.

= Can I use this on client websites? =

Yes. The free version can be used to review basic WordPress security health. The Pro version is designed to add white-label reporting and scheduled client reports.

== Screenshots ==

1. Security score dashboard.
2. Detailed security audit.
3. Scan history.
4. Upgrade to Pro tab.

== Changelog ==

= 1.0.0 =
* Initial release.
