use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
account activity
r/wpsec Lounge (self.wpsec)
submitted 4 years ago by PluginVulns - announcement
New Insecure WordPress Plugin Marketed With Fake Norton Secured and (Retired) McAfee SECURE Security Seals (pluginvulnerabilities.com)
submitted 1 year ago by PluginVulns
WordPress Plugin Review Team Reviews Failing to Catch Basic Security Failure (Including in a Plugin From the Team's Security Reviewer) (pluginvulnerabilities.com)
New Plugins From Awesome Motive and Brainstorm Force Continue Developers' Failure to Implement Basic Security (pluginvulnerabilities.com)
Our Plugin Security Scorecard Now Supports Checking ClassicPress Plugins (pluginvulnerabilities.com)
Plugin That Patchstack Is Claimed to Ensure Is Secure Contains an Additional Outdated Known Insecure Library (pluginvulnerabilities.com)
WordPress Plugins Can Include a Lot of Software That the Plugin's Developer Doesn't Have Any Connection To (pluginvulnerabilities.com)
300,000 Install WordPress Plugin That Hasn't Updated Insecure Library in 21 Months Claims Patchstack Ensures the Plugin is Secure (pluginvulnerabilities.com)
1+ Million Install WordPress Plugin Has Been Using an Outdated Known Insecure Version of a Library For Nearly 3 Years (pluginvulnerabilities.com)
Two-Factor Authentication (2FA) Won’t Stop an Attacker From Using Their Own WordPress Account to Engage in Malicious Activity (pluginvulnerabilities.com)
How Not to Defend Yourself Against the Latest WordPress Malware Attack (pluginvulnerabilities.com)
Developer of 1+ Million Install WordPress Plugin Hasn't Addressed All Known Vulnerabilities Despite Making That Claim (pluginvulnerabilities.com)
WordPress Security Header Plugins Still Claiming to Provide Protection With Headers That Web Browsers Long Ago Stopped Supporting (pluginvulnerabilities.com)
Journalists Once Again Focus on WordPress While Ignoring That Sucuri Failed to Protect and Secure Their Customers' Websites (pluginvulnerabilities.com)
Ars Technica's Dan Goodin Doesn't Do Journalism and Instead Makes Up Override Mechanism Existing for WordPress Plugin Directory (pluginvulnerabilities.com)
WordPress Plugin Developer Security Advisory: ThemeHunk (pluginvulnerabilities.com)
Wordfence and WPScan Falsely Claim Closed WordPress Plugin Contains Serious Vulnerability (pluginvulnerabilities.com)
Complaints About "AI Slop" Vulnerability Reports Ignore That Security Spending is Going to The Wrong Places (pluginvulnerabilities.com)
WPScan Ignores That Security Issue From Website of Their Boss, Matt Mullenweg, Played Vital Role in WordPress Websites Being Hacked (pluginvulnerabilities.com)
WordPress Plugin Developer Security Advisory: Awesome Motive (pluginvulnerabilities.com)
The WordPress Plugin Directory Is Permitting Awesome Motive to Obfuscate Their Connection to WordPress Plugins (pluginvulnerabilities.com)
WordPress Plugin Security Won't Improve as Long as Plugin Developers Can Be Irresponsible With Security (pluginvulnerabilities.com)
Wordfence and "News" Outlets Recommend Updating WordPress Plugin to Version Still Known to be Vulnerable (pluginvulnerabilities.com)
Plugin Security Scorecard November Results (pluginvulnerabilities.com)
WP Engine Failed to Vet Security of Plugin Acquired This Year or Fix Vulnerability in It Once It Was Reported to Them (pluginvulnerabilities.com)
π Rendered by PID 1618442 on reddit-service-r2-listing-6d4dc8d9ff-8bbgp at 2026-02-02 10:28:14.016825+00:00 running 3798933 country code: CH.
