Sourcemap Explorer
Stack · CMS

WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.

CMS · Blogs
Official site

About

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.

Categories: CMS, Blogs

Quick facts

Official sitehttps://wordpress.org
CategoriesCMS, Blogs
Open sourceYes
SaaSYes
Pricinglow, recurring, freemium

Detection methodology for CMS

For content management systems we lean on the most stable signals each platform leaves behind: the `<meta name="generator">` tag, asset URL prefixes (`/wp-content/`, `/sites/default/files/`, `/cdn.shopify.com/`), distinctive cookie namespaces (`wordpress_*`, `_shopify_*`, `Drupal.*`) and admin-route signatures (`/wp-admin/`, `/user/login`). When the visible site is a JavaScript framework with a headless CMS underneath, we surface the CMS SDK from the bundle (`@sanity/client`, `contentful`, `@storyblok/react`) — the fingerprint that survives even when the HTML carries no traditional CMS markers.

How we detect WordPress

Each signal alone is rarely conclusive — Sourcemap Explorer cross-references all of them and weights by confidence. You can reproduce any of these checks yourself in Chrome DevTools.

Response header

Server-side fingerprint: the response header reveals the technology behind the page. Visible in DevTools → Network → response headers.

X-Pingback: /xmlrpc\.php$
link: rel="https://api\.w\.org/"
Meta tag

<meta> tag injected into the document. Visible by viewing the page source.

<meta name="generator" content="^WordPress(?: ([\d.]+))?">
<meta name="shareaholic:wp_version" content="">
JavaScript global

Window-level global the technology installs on page. Reproducible by typing the path into the DevTools console.

window.wp.ajax
window.wp.receiveEmbedMessage
window.wp_username
window.wpb_prepare_tab_content
HTML source

Substring or regex match against the page HTML — typically a unique class, comment marker, or asset path.

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
Script src URL

Script URL pattern. Typically a CDN host or chunk path that ships with the technology.

/wp-(?:content|includes)/
wp-embed\.min\.js
wp-static\.assets\.sh/
/wp-content
DOM selector

A DOM selector that only this technology's pages render. Verified at runtime by the content script.

div[class*='wp-block-group'] > div[class*='wp-block-']
link[rel=stylesheet][href*='/wp-content/']

Implies

When WordPressis detected, Sourcemap Explorer also marks the following technologies as present (Wappalyzer's implies graph).

PHPMySQL

FAQ

How do I check if a website is using WordPress?

Open the page in Chrome, click the Sourcemap Explorer toolbar icon, and read the Stack tab. The popup matches WordPress's fingerprint signals (response headers, asset URL prefixes, runtime globals, sourcemap paths) and flags it whenever any combination is found. The same checks can be reproduced manually in DevTools — see the "How we detect" section above.

What WordPress version can Sourcemap Explorer detect?

WordPress ships as a hosted cms rather than a bundled npm package, so version-specific detection isn't always possible. Where the platform leaks a version in response headers (`X-Powered-By`, `Server`, generator meta tags) we surface it; otherwise we report presence only.

Is WordPress open source?

Yes, WordPress is open source. The license details are listed on the official site (https://wordpress.org), and the codebase typically lives on a public source-control host.

How much does WordPress cost?

WordPress's pricing model is documented as: low, recurring, freemium. Detection is independent of the pricing tier — Sourcemap Explorer flags the technology by its fingerprints, regardless of which paid plan a site is on. See the official site for the current pricing page.

Where can I read more about WordPress?

Official site: https://wordpress.org. For Sourcemap Explorer's detection guide, see the deep-dive link below or the related guides in the cross-link section.

Keep reading on Sourcemap Explorer

Practical guides

Detection deep dives

Alternative tools

Want the deep dive?

We have a longer guide for WordPress that walks through the exact detection signals, version extraction tricks and FAQs.

Detect WordPress

Detected by Sourcemap Explorer

Open the popup on any page running WordPressand you'll see the exact version pulled from the bundled package.json when sourcemaps are exposed.

Install free on Chrome