White Fir Design the parent of company of the site plugin vulnerabilites has in some form been compromised. We were doing a search on who owned another corporation and they popped up. When we clicked in we noticed they appeared to be hacked as xss started popping up on our screen.
We ran it through sucuri to see what they know and surprisingly white fir design is already on 9 blacklists and sucuri considers it to be a critical security risk. We agree with the sucuri automated assessment and would steer clear of this corporation as they are unable to keep their security in check, yet they have attacked more corporations than can be named in one blog post who help protect people against security issues. In the name of full disclosure, they have also attacked our company, however we look at it this way: If a site that our source says is ran by one person that attacks tons of security companies, then you’re doing something right.