diff --git a/autorecon/default-plugins/http_server.py b/autorecon/default-plugins/http_server.py
index 69e0c27..15ad379 100644
--- a/autorecon/default-plugins/http_server.py
+++ b/autorecon/default-plugins/http_server.py
@@ -270,8 +270,13 @@ class WPScan(ServiceScan):
 		self.tags = ['default', 'safe', 'http']
 
 	def configure(self):
+		self.add_option('api-token', help='An API Token from wpvulndb.com to help search for more vulnerabilities.')
 		self.match_service_name('^http')
 		self.match_service_name('^nacn_http$', negative_match=True)
 
 	def manual(self, service, plugin_was_run):
-		service.add_manual_command('(wpscan) WordPress Security Scanner (useful if WordPress is found):', 'wpscan --url {http_scheme}://{addressv6}:{port}/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color 2>&1 | tee "{scandir}/{protocol}_{port}_{http_scheme}_wpscan.txt"')
+		api_token = ''
+		if self.get_option('api-token'):
+			api_token = ' --api-token ' + self.get_option('api-token')
+
+		service.add_manual_command('(wpscan) WordPress Security Scanner (useful if WordPress is found):', 'wpscan --url {http_scheme}://{addressv6}:{port}/ --no-update -e vp,vt,tt,cb,dbe,u,m --plugins-detection aggressive --plugins-version-detection aggressive -f cli-no-color' + api_token + ' 2>&1 | tee "{scandir}/{protocol}_{port}_{http_scheme}_wpscan.txt"')