via pluginvulnerabilities.com => original post link
In what appears to be a significant setback for Wordfence, but promoted as “a gift to the community”, they announced they are now giving away data on vulnerabilities in WordPress plugins they have been trying to sell access to since August, as part of Wordfence Intelligence (which we previously discussed, wasn’t delivering on its promises). They are now branding this data as Wordfence Intelligence Community Edition.
Before the data was publicly available, we had been running across indications it was of rather poor quality, including falsely claiming a plugin contained a “critical” vulnerability because they confused it with another plugin, claiming another plugin contained “critical” vulnerability despite having no idea if that was true, and other apparent instances of false claims of vulnerabilities. Now that their data set is out in the open, we can get a better look at it and the first things we went to check on showed that the quality is indeed rather poor. Which makes providing it for free make more sense, but it joins a crowded field of at least partially free options with quality issues of their own. [Read more]