First: The plugin shows, that my site is clean and not blacklisted. As a fact – it is blacklisted by Google for a week already.
Second: Defender reports “WordPress 2.3-4.7.4 – Host Header Injection in Password Reset”
and recommends updating WordPress to the latest version from… the latest version. Thatš cute :slight_smile:
