We are currently unable to update the vulnerability database of our malware scan plug-ins due to the fact that NIST has stopped updating the database.


Delay of CVSS evaluation by NIST

We have released [Free] WordPress: Malware Scan & Security Plug-in [Malware and Virus Detection and Removal], which has a vulnerability scanning function.

The database for this vulnerability checker is based on data from NIST, the most trusted international vulnerability assessment organization.

Delayed CVSS rating of NIST data

CVSS is a measure of vulnerability severity; the higher the score, the more serious the vulnerability.

Currently, NIST’s CVSS rating has not been updated since early February 2024, and we have been unable to register it in our vulnerability database.

However, it is stated that this is a temporary delay, and the following announcement has been made, so we expect that the vulnerabilities will be evaluated sequentially in the near future.

As soon as the NIST database is updated, we will update the vulnerability testing data of our plug-ins.
Thank you for your cooperation.

Related Posts:

  1. Free WordPress:Best Malware Scan & Security Plug-in, made in Japan [Malware and Virus Detection and Removal].
    24-hour protection for your WordPress site. Plug-in that checks (detects and confirms) and removes defacement, hijacking, hacking, malware, backdoors, and virus infection of your WordPress site, and restores your WordPress site. Plug-in that checks and detects WordPress site code from patterns of malicious code (malware, viruses, defacement, hacking damage) ranging from patterns from sites restored by WordPress Doctor. WordPress Doctor...
  2. Vulnerability in tagDiv Composer plugin bundled with WordPress Newspaper theme allows database rewriting
    A vulnerability in tagDiv Composer, a plugin included with the WordPress Newspaper theme, has been discovered that allows the database to be rewritten....
  3. Can WordPress malware infect database data?
    We will explain how an infection (tampering) with the WordPress database can cause the files on the site (server) to be tampered with....
  4. Vulnerability CVE-2023-22622 in WordPress 6.1.1 and below
    Recently, the international vulnerability database NIST has released CVE-2023-22622 as a vulnerability in WordPress 6.1.1 and below. The following is an explanation of the results of our investigation....
  5. If you do not know where the malware infected malware is located or if you cannot find it
    This section explains what to do if you do not know the location of infected malware or if you cannot find it....
  6. Vulnerability in WordPress theme OneTone to rewrite database without authentication
    OneTone, which has a large number of users in Japan, has a vulnerability that rewrites the database without requiring authentication, and many sites have suffered from redirection hacks....