Looking good! The exploit level makes it much easier to digest and analyze the report. Thanks for adding it…

I still think it might be nice to have a flag for newly found warnings.

Let’s say I run the scanner regularly: after each install or upgrade of a plugin, upgrade of WordPress and maybe at regularly-scheduled intervals.

Then it works like this: I set up a clean install of WordPress and run the Exploit Scanner immediately. I can pretty safely assume that everything it found was a false positive.

Next, I install a plugin and run the scanner again. This time, the new warnings (most likely false positives generated by the new plugin) are displayed. I can quickly sort through those (ignoring the previously found false positives). If I’m satisfied that the new warnings are false positives, I can disregard them.

Now, this is where it gets good. If I’m running after every upgrade or install of plugins or WordPress, AND I’m running at regularly scheduled intervals, I should see no new warnings at my regularly scheduled scans. That is, any new warning that comes up at a regularly scheduled scan should be analyzed very closely, since it was most likely not triggered by an upgrade of WordPress or a plugin.

Seems like this would be a pretty easy feature to implement – just put a flag next to each warning that wasn’t in the previous set of warnings.

What’s your take?
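The baseline-and-diff workflow proposed in the comment above, written out as an added PHP example (this is not the Exploit Scanner plugin's own code). It assumes each warning is an array with `file`, `line`, `rule` and `match` entries, which is a made-up shape for illustration; the sample baseline and scan results are constructed inline.

```php
<?php
// Added example, not part of the Exploit Scanner plugin: mark scanner warnings
// that did not appear in the previously accepted baseline as "new".

// Build a stable identity for a warning. Line numbers are deliberately left
// out: a plugin upgrade that shifts code around should not make an already
// reviewed finding look new again. (Assumed warning shape, see lead-in.)
function warning_key(array $w): string {
    return $w['file'] . '|' . $w['rule'] . '|' . $w['match'];
}

// Return $current with an 'is_new' flag on every warning whose key is absent
// from $baseline. $context ('upgrade' or 'scheduled') is carried along so the
// report can say how urgently a new warning should be looked at.
function flag_new_warnings(array $current, array $baseline, string $context): array {
    $seen = [];
    foreach ($baseline as $w) {
        $seen[warning_key($w)] = true;
    }
    $out = [];
    foreach ($current as $w) {
        $w['is_new'] = !isset($seen[warning_key($w)]);
        // A new warning on a scheduled scan (no install/upgrade in between) is
        // the case the comment singles out for close analysis.
        $w['attention'] = $w['is_new'] && $context === 'scheduled' ? 'high'
                        : ($w['is_new'] ? 'review' : 'known');
        $out[] = $w;
    }
    return $out;
}

// After the operator has reviewed a scan and accepted the false positives,
// the full current list becomes the next baseline. In a real plugin this
// array would be persisted, e.g. with update_option().
function accept_as_baseline(array $reviewed): array {
    return array_map(function (array $w) {
        unset($w['is_new'], $w['attention']);
        return $w;
    }, $reviewed);
}

// Constructed sample data: the baseline from the clean-install scan ...
$baseline = [
    ['file' => 'wp-includes/class-phpmailer.php', 'line' => 120, 'rule' => 'base64_decode', 'match' => 'base64_decode('],
    ['file' => 'wp-admin/includes/file.php',      'line' => 88,  'rule' => 'eval',          'match' => 'eval('],
];
// ... and the results of a later scheduled scan. The first two lines moved
// slightly; the third finding was not there before.
$current = [
    ['file' => 'wp-includes/class-phpmailer.php', 'line' => 124, 'rule' => 'base64_decode', 'match' => 'base64_decode('],
    ['file' => 'wp-admin/includes/file.php',      'line' => 91,  'rule' => 'eval',          'match' => 'eval('],
    ['file' => 'wp-content/uploads/2009/img.php', 'line' => 1,   'rule' => 'eval',          'match' => 'eval('],
];

foreach (flag_new_warnings($current, $baseline, 'scheduled') as $w) {
    printf("[%-6s] %s%s:%d %s\n",
        $w['attention'],
        $w['is_new'] ? 'NEW ' : '',
        $w['file'], $w['line'], $w['rule']);
}
// Once the operator has gone through the report, the accepted set replaces the baseline.
$next_baseline = accept_as_baseline(flag_new_warnings($current, $baseline, 'scheduled'));
```

Keying on file, rule and matched text rather than on line number is the design choice that makes the "no new warnings at a scheduled scan" expectation hold across WordPress core and plugin upgrades; if the key included the line, every upgrade would re-flag the same reviewed false positives.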