Jetpack announced the acquisition of WPScan, a WordPress vulnerability database, and tool. WPScan provides information about the latest vulnerabilities found in WordPress core, themes, and plugins. It was originally started as a Ruby script in 2011 then evolved into a large software project and became popular as WordPress’ market share rose.
Improving security for the WordPress ecosystem
WPScan managed to double the number of vulnerabilities that they added to the database in 2021, compared to 2020. WPScan cataloged over 23,000 WordPress-related vulnerabilities in the last 10 years.
Jetpack stated that with the acquisition, WPScan founders, Ryan Dewhurst and Erwan Le Rousseau will join the company and will be able to continue to improve security for the WordPress ecosystem. WPScan will operate independently in short term and will be integrated into Jetpack Scan in the future. Jetpack also announced that WPScan customers won’t be impacted in the near term.
Ryan Dewhurst, founder of WPScan said,
“We’re extremely proud of building WPScan over the last ten years. Automattic has always been a great partner, and we can’t wait to start working more closely together so we can take WPScan to the next level. I’m really excited about working on making our WordPress vulnerability database more open and accessible to the community.”