Developer of WordPress Malcure Malware Scanner Plugin is Lying to You
The WP Security Minute for March 11, 2025.
It’s hard to spend much time looking at WordPress security solutions without finding a provider that appears to be a huckster.
The developer of the Malcure Malware Scanner claims to be the “#1 Toolset for WordPress Malware Removal.” Who number 2 is and how they came to that conclusion is unstated. In the FAQ, the developer claims they “can’t comment on other plugins,” which suggests they don’t actually understand the competition they claim to be better than. What they clearly don’t understand is basic security terminology. They prominently claim to detect certain types of malware, which are not malware.
They claim CSRF is malware, but CSRF is short for cross-site request forgery. That is a type of vulnerability, not malware.
The same goes for XSS. That is short for cross-site scripting, which is a type of vulnerability. An XSS vulnerability could be used to place malware on a website, but isn’t malware.
They claim the same with DDoS, which is short for distributed denial-of-service and is a type of attack, not a type of malware.
They also claim without any backup that their plugin produces “no false positives,” which doesn’t match up with support forum topics, including this one or this one.
Видео Developer of WordPress Malcure Malware Scanner Plugin is Lying to You канала WP Security Minute
It’s hard to spend much time looking at WordPress security solutions without finding a provider that appears to be a huckster.
The developer of the Malcure Malware Scanner claims to be the “#1 Toolset for WordPress Malware Removal.” Who number 2 is and how they came to that conclusion is unstated. In the FAQ, the developer claims they “can’t comment on other plugins,” which suggests they don’t actually understand the competition they claim to be better than. What they clearly don’t understand is basic security terminology. They prominently claim to detect certain types of malware, which are not malware.
They claim CSRF is malware, but CSRF is short for cross-site request forgery. That is a type of vulnerability, not malware.
The same goes for XSS. That is short for cross-site scripting, which is a type of vulnerability. An XSS vulnerability could be used to place malware on a website, but isn’t malware.
They claim the same with DDoS, which is short for distributed denial-of-service and is a type of attack, not a type of malware.
They also claim without any backup that their plugin produces “no false positives,” which doesn’t match up with support forum topics, including this one or this one.
Видео Developer of WordPress Malcure Malware Scanner Plugin is Lying to You канала WP Security Minute
Комментарии отсутствуют
Информация о видео
12 марта 2025 г. 10:00:05
00:01:00
Другие видео канала
