I’ve been enjoying analyzing WordPress (@_WPScan_ ) vuln scan data lately because it’s a huge void in the vulnerability management market. The network VA vendors don’t really test for vulns in WordPress or the plugin-in, and neither to the appsec vendors. Data soon to come!
8
4
21
It’s easier to either ban Wordpress outright or require using the hosted (maintained) version.
Nov 3, 2020 · 12:36 PM UTC
1