Skip to main content
WordPress Management opens WP Toolkit, the management layer for every WordPress install on your account. From one screen you can install a fresh site, clone an existing one to staging, run security scans, push plugin and theme updates, take backups, and toggle the dozen or so settings that usually live in a WordPress admin you’d rather not log into. WP Toolkit is third-party software made by Plesk, bundled with cPanel. We ship it with every hosting plan. Open it from cPanel home → DomainsWordPress Management.
WP Toolkit landing page with Install, Scan, Updates, Security, Detach, Remove buttons

What’s inside

Installations

The site list and the toolbar above it: Install, Scan, Updates, Security, Detach, Remove. Bulk actions across every WordPress site on the account.

Site management

The expanded view of a single site. Dashboard with File Manager, Clone, Back Up, Logs, WP-CLI, Updates, Security, Performance, Maintenance mode, and more.

Plugins

Install, update, activate, and remove plugins across one or many sites at once.

Themes

Same idea for themes. Roll out a theme to multiple sites, or manage themes per site.

What WP Toolkit does that the WP admin doesn’t

CapabilityWP adminWP Toolkit
Install a new siteManualOne click. Auto-fills DB credentials, admin user, locale.
Clone to a staging subdomainPluginBuilt in. Two clicks, full file + DB copy.
Run a security scanPluginBuilt in. Reports issues with a numeric score.
Push WordPress + plugins updatePer siteMulti-select, bulk update across the whole account.
Smart Update (test before apply)NoYes. Clones the site, runs the update on the clone, runs checks, and surfaces a report. You review and decide whether to push to live.
Maintenance modePluginBuilt-in toggle. Custom page, datestamped.
Vulnerability databasePluginLive vuln feed for every install. (Auto-mitigation is paid.)

Pricing for the parts that aren’t included

Everything in WP Toolkit is included with your hosting plan except Vulnerability Protection, the auto-patching feature that applies hotfixes for known plugin and theme CVEs without waiting for the upstream vendor.
Vulnerability Protection is a paid opt-in. The vulnerability scanner is free and shows you which CVEs apply to your sites. Auto-applying virtual patches before the official fix lands is the part that’s billed separately. Open a ticket from the Members Area to enable it on your account.

Common starting points

Install your first WordPress site

The Install button on the Installations tab. Two minutes start to finish.

Clone to staging before a risky change

Clone Data on the per-site dashboard. Make changes on the copy, push back when you’re happy.

Patch every site at once

Updates button on the toolbar. Pick which sites, which components, run.

Run a security scan

Scan button on the toolbar, or per site. Reports a 0–10 score with action items.

Need a hand?