This post provides the details of a vulnerability in the WordPress plugin WPS Limit Login not discovered by us, where the discoverer hadn’t provided the details needed for us to confirm the vulnerability while we were adding it to the data set for our service, so its contents are limited to subscribers of our service. If you are not currently a subscriber, you can try out the service to help protect your website for free and then you can view the contents of the post. There are a lot of other reason that you will want to sign up beyond access to posts like this one, including that you would have already been warned about this vulnerability if your website was vulnerable due to it.
When it comes to companies with security products and services we continue to run across new bad things they have come up with to push their products.
On Monday we introduced a new feature to the service that lets you know how likely is that a WordPress plugin vulnerability is to be exploited. In explaining why we thought the new feature would be useful we wrote in part: