Absolutely not. You can’t just Tom Sawyer this job. Please don’t dump automated output into a document and expect us to sift through it in the hope of my team finding a vulnerability you’ll get paid for. This is a waste of everyone’s time.
Take the time to use the best available tools along with your own knowledge and skills to find legitimate vulnerabilities, verify them, and submit those. In doing that you’ll be contributing to the overall security of the WordPress community.
Regards,
Mark Maunder – Chief Technology Officer at Wordfence.
Wow, if you think I am trying to collect a bounty here you are way off the mark. Your disregard for the security of your own code and feedback from your customers does lead me to believe we should stop using WordFence as our SOP at our agency though.
Regards,
Jonathan Bosley – Director of Technology at Imaginuity
We’ve removed your plugin from the effected client sites and are getting nice clean scans now. Thanks for your input on the matter.
Regards,
