17 Jul 2019

Of Course the WPScan Vulnerability Database is Promoting RIPS CodeRisk Scores

While looking to see if anyone had disclosed a vulnerability in a WordPress plugin we were looking into, we clicked on a Google search result for a competing data source for WordPress plugin vulnerabilities, the WPScan Vulnerability Database. Why Google returned this page as a result is unclear since the page is basically empty:


24 Aug 2018

RIPS CodeRisk Doesn’t Look To Produce All That Reliable Risk Scores for WordPress Plugins

While so much of the security industry seems to have no interest in providing accurate information about security, for those that do care, if our experience is any indication, it is difficult to find a way to present information in a way that provides the proper concern without creating unnecessary fear due to misinterpretations of the information presented and many people’s belief that they have a better understanding of security than they really do. That seems to come into play with something we ran across recently in our monitoring of the WordPress support forum for indications of security issues in WordPress plugins.

Yesterday a thread was started with the following: