Skip to main content
WP HealthKit

CRA

The Cyber Resilience Act (CRA) is EU legislation requiring all software products to meet cybersecurity requirements, including vulnerability handling and security documentation.

How it works

The CRA requires software publishers to conduct security assessments, maintain vulnerability disclosure policies, and provide security documentation for 10+ years. The reporting obligations start September 11, 2026, with full compliance required by December 11, 2027.

In WordPress

WP HealthKit's Agency plan includes a CRA Compliance Kit that auto-generates SECURITY.md, a Vulnerability Disclosure Policy, and assessment evidence documentation from your audit results.

Related terms

WP HealthKit checks for CRA-related vulnerabilities automatically

Run a Free Audit
Cyber Resilience Act Explained — Impact on WordPress Plugin Developers | WP HealthKit