When it comes to security surrounding WordPress unfortunately there are lots of irresponsible parties that, either because they don’t understand security or because they don’t care, are spreading false information. That makes it harder to deal with the real problems that exist and are not getting the attention they need. Take for instance Wordfence the maker of the most popular WordPress security plugin, that among other things makes up threats and spread false information about claimed vulnerabilities in WordPress plugins, while the public continues to be left in the dark when they are using plugins that have been removed from the wordpress.org Plugin Directory due to security issues (including ones that are being exploited on a wide scale).

Another example we just ran across is the website Plugin Problems, pluginproblems.info, which appears to mainly exist to advertise the web hosting company WPX Hosting. We ran across them as they signed up for our service in what looks to an attempt lift information we provide to our clients, for their own website. Beyond any impact on our business doing that would cause, that is problematic as they have already shown they will spread widely false information, which we don’t want to have any part in enabling, so we have canceled their free trial for our service. The spreading of widely false information we spotted involves their first post titled “LayerSlider: XSS & SQL Injection Vulnerability“. [Read more]