1 Feb 2018

What Happened With WordPress Plugin Vulnerabilities in January 2018

If you want the best information, and therefore the best protection against vulnerabilities in WordPress plugins, we provide that through our service.

Here is what we did to keep those already using our service secure from WordPress plugin vulnerabilities during January (and what you have been missing out on if you haven’t signed up yet): [Read more]

16 Jan 2018

Authenticated Persistent Cross-Site Scripting (XSS) Vulnerability in WP GitHub Tools

Recently we were contacted by one of the users of our service, J.D. Grimes, who had found some possible vulnerabilities that involved shortcodes and a lack of escaping when passing data to the function wp_localize_script(). He was too busy to go further with them at the time and was wondering if we could take it from there in confirming them and getting in touch with the developers. One of the impacted plugins was WP GitHub Tools.

The plugin registers the shortcode “chart” to call the function display_chart(): [Read more]