Recently WPSCAN introduced the "introduced_in" field to the API to more accurately identify vulnerable versions. We should take advantage of this. Here's part of the announcement:
"This field is optional, and at the beginning we expect it to be used quite rarely, but hopefully will be used more and more as we expand our team. When used, the field will contain the version number of the WordPress, plugin, or theme, that the vulnerability was first introduced in. This will compliment the fixed_in field and help reduce false positive results where a user uses an older version of a plugin that is not vulnerable."
Correctly identifying the versions of the plugin that are vulnerable is critical to decision making and we should use this field.
Recently WPSCAN introduced the "introduced_in" field to the API to more accurately identify vulnerable versions. We should take advantage of this. Here's part of the announcement:
"This field is optional, and at the beginning we expect it to be used quite rarely, but hopefully will be used more and more as we expand our team. When used, the field will contain the version number of the WordPress, plugin, or theme, that the vulnerability was first introduced in. This will compliment the fixed_in field and help reduce false positive results where a user uses an older version of a plugin that is not vulnerable."
Correctly identifying the versions of the plugin that are vulnerable is critical to decision making and we should use this field.