23 May 2016

False Vulnerability Report: CKEditor 4.0 Arbitrary File Upload Exploit

As part of our cataloging of the vulnerabilities in WordPress plugins for our service, we come across false reports of vulnerabilities from time to time. So that others don’t spend their time looking over these as well, we post our findings on them.

We have recently had requests for a file in the plugin CKEditor for WordPress on one of our websites as part of a series of requests that seem to be looking for use of plugins, likely to then try to exploit them. We couldn’t find any valid reports of vulnerabilities in this plugin, but we did find one false report of a vulnerability that clearly has continued to confuse some people into believing it was real long after its release.