Automattic has acquired WPScan, a ten-year-old service that provides a database for WordPress core, plugin, and theme vulnerabilities. The company has sponsored WPScan for a number of years and has already been white labeling its use in Jetpack Scan. Pricing for WPScan is based on API requests per day, with a free version limited to…
WPScan is on track to post a record-breaking year for WordPress plugin vulnerabilities submitted to its database, according to a collaborative mid-year security report the company published with Wordfence. In the first half of 2021, WPScan has recorded 602 new vulnerabilities, quickly surpassing the 514 reported during all of 2020. The report is based on…
WPScan, a security company that maintains a database of WordPress vulnerabilities, has been officially designated as a CVE (Common Vulnerability and Exposures) Numbering Authority (CNA). The company joins 151 organizations from 25 countries that participate in the CVE Program as CNAs. These organizations are authorized to assign CVE Identifiers (CVE IDs) to vulnerabilities within their own distinct scopes of work,…