Really Simple SSL, when Vulnerability Detection is enabled, runs a regular check every few hours to see if new vulnerabilities are added to our database, which may be relevant to your website. It automatically runs a check when we see a change in your WordPress installation. For example, if you update a plugin to a new version Really Simple SSL runs a check. This is also true when installing a new plugin.
In some cases, Really Simple SSL doesn’t know if a change happened. For example, when you update code via FTP or a file manager, Really Simple SSL can’t be triggered by a WordPress event. If this is the case for you, know that you can trigger a check manually (with Vulnerability Detection enabled) with a parameter. It should look like this: