via pluginvulnerabilities.com => original post link
If data providers for WordPress plugin vulnerability information want to keep up with vulnerabilities, one important place to monitor is the WordPress Support Forum. Today, doing that allowed us to warn our customers of a plugin with 8,000+ installs that contains malicious code in the current version of the plugin, which is still available in the directory. What that also shows is that other data providers are not providing accurate information to their customers, causing problems for them and plugin developers.
Recently we have noted many problems with the new Wordfence Intelligence Community Edition data on plugin vulnerabilities and we keep running into more examples. [Read more]