7 Jun 2019

Vulnerability Details: CSRF/XSS in Category Specific RSS Menu (Category Specific RSS feed Subscription)

If there were ever an interest on the WordPress side of things in actually improving the security of plugins, one obvious area for that would be a mechanism for developers to report when security vulnerabilities have been fixed in their plugins, so that additional reviewing of them could be done. The latest version of the plugin Category Specific RSS Menu (Category Specific RSS feed Subscription) seems like a good example of where that could further improve the security of a plugin, as it turns out the new version fixes a security issue while addressing only half of the security issues that caused the vulnerability.

