If you keep an eye on software security newsletters or blogs like the Wordfence blog, you’ll know that a good number of newly detected defects and vulnerabilities turn up on a regular basis, even in well-known plugins and software. It’s worth looking into the details of how this happens, especially if you work on PHP software from time to time. Thankfully, there are public records that let you compare and look at how these are fixed.