The security of plugins that extend the WordPress ecommerce plugin WooCommerce is often poor, something that the developer of WooCommerce, Automattic, hasn’t taken an interest in addressing. Another part of Automattic claims to provide some protection against that, but isn’t delivering that. Automattic’s WPScan is promoted with this claim:

Be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes. [Read more]