20 Mar

WordPress Plugin Security Review: Cloudflare

For our sixth security review of a plugin based on the voting of our customers (we are still waiting to release the results of the fifth until after the developer has a chance to fix the most serious issue found), we reviewed the plugin Cloudflare. If you are not yet a customer of the service you can currently [Read more]

04 Apr

When Full Disclosure of a Claimed WordPress Plugin Vulnerability Leads To A Bigger Problem

When it comes to disclosing security vulnerabilities, a major issue is when the vulnerability should be disclosed. On one side is full disclosure, which involves disclosing it as soon as possible, including before the vulnerability has been fixed. On the other side is responsible disclosure, which involves disclosing a vulnerability in a coordinated manner sometime after it [Read more]