Fix false positive report when using fixed vulnerability version.

[rahulsprajapati]

Description of the Change

We have recently added introduced_in field in https://github.com/10up/wpcli-vulnerability-scanner/pull/50 to show more accurately identify vulnerable versions in report. In this we got one edge case where if we have introduced_in field and site already using fixed vulnerability version of plugin/theme it was still flagging it as vulnerable version. As reported in https://github.com/10up/wpcli-vulnerability-scanner/issues/59

Alternate Designs

• N/A

Benefits

All use cases of vulnerability check covered:

1. Using version older version of a plugin that is not vulnerable.
2. Using version from which vulnerable was introduced and yet to be fixed.
3. Using version from which vulnerable was introduced and fix version is released but plugin is yet to be updated.
4. Using version in which vulnerability is fixed.

Possible Drawbacks

• N/A

Verification Process

Vulnerability report for sassy-social-share plugin introduced in 3.3.23 and fixed in 3.3.24.

1. When using plugin older version 3.3.22
2. Then should not show any vulnerability.

1. When using plugin version with vulnerability 3.3.23
2. Then show vulnerability report.

1. When using plugin version with vulnerability fix3.3.33
2. Then should not show any vulnerability.

Checklist:

• [ ] I have read the CONTRIBUTING document.
• [x] My code follows the code style of this project.
• [ ] My change requires a change to the documentation.
• [ ] I have updated the documentation accordingly.
• [ ] I have added tests to cover my change.
• [ ] All new and existing tests passed.

Applicable Issues

Fixes: https://github.com/10up/wpcli-vulnerability-scanner/issues/59

Changelog Entry

Changed:

• Fix false positive report for wp vuln plugin-status with introduced_in field.