Validate against last known version
jazzsequence opened this issue · comments
Chris Reynolds commented
Since the scanners don't actually run a scan, or compare a current version against known vulnerabilities in a database/API, we should perhaps at least warn (or fail -- with a way to set a failure as resolved) if the last known version of a plugin or theme (or core) has vulnerabilities.