Recently a security company we had not heard of before, named Cyber Security Works, released a report on a claimed stored cross-site scripting vulnerability that had been in the WordPress plugin Microsoft Clarity. The report is a mess.

They list the “affected vendor” as “WordPress 5.8.1”, while the actual vendor is Microsoft. [Read more]