Yesterday, we noted in a post that a third-party library used in a very popular WordPress plugin didn’t have any listed security advisories in its GitHub project despite the developing having acknowledge that a vulnerability had been fixed. What we also noted in passing was that there also wasn’t a security policy provided for the library, which would explain how to report other security issues in the library. You can see that in this screenshot for the library’s Security tab on GitHub:
Image may be NSFW.
Clik here to view.
[Read more]
