One of the things we do to be able to provide customers of our service with the best information about known vulnerabilities in WordPress plugins is by monitoring the WordPress Support Forum for possibly relevant topics. Along with the information we are looking for, we often see people who have gotten incomplete and or inaccurate information from other security providers that are cutting corners. Once recent example involved a service named WP Sec. A user of the service wrote this to the developer of a plugin:

It says that the plugin has a security problem.
Did you know it? [Read more]