Through the various things we do as part our service we have a fair amount of interaction with people making claims about vulnerabilities in WordPress plugins and with the developers of WordPress plugins with vulnerabilities. From doing that we don’t currently have a very positive view of either side, which shouldn’t be all that surprising considering the poor state of
Source: Security Feed