It is generally known that the most exploited vulnerabilities are not in CMS engines, but in thousands of third-party plugins. Developers rarely fix this vulnerabilities quickly or even don’t fix them at all. You can find examples of such vulnerabilities and exploits with “wordpress plugin bulletinFamily:exploit” request.
Appercut bulletin contains all information about found vulnerabilities, including vulnerability decription, criticality and a piece of code where the vulnerability was detected. Vulnerable version of the application is aslo indicated, e.g. “WordPress CMS <= 4.5.2”.
At current moment, 9 bulletins were added for WordPress, Drupal, Joomla, Regular Labs, Apache Apex and Apache Camel.
In future we are planning to scan all the popular plugins for all popular CMS. Thus, end-users will be able to get information about the potential vulnerabilities in CMS and plugins, before this vulnerability will get any id. We believe that together with Appercut we can make popular CMS much safer!