Created attachment 8634001 [details] plugincheck_vulnerable User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0 Build ID: 20150630154324 Steps to reproduce: There are quite a number of complaints about the Plugin Check reporting a plugin as vulnerable although it is already the latest version. The confusion arises from the urgency to update the vulnerable plugin, though there is no new version at the moment. Without proper guidance, users tend to misunderstand "being vulnerable" as "being out of date" while in reality, an up to date plugin can be vulnerable. A few helpful hints as shown in my mockups could clear up the confusion and guide the users on how to approach a vulnerable up to date plugin. Steps to reproduce: Install the latest version of a plugin that is currently reported as vulnerable (such as Java or Flash). Open the Add-ons Manager and click on Plugins on left. Click on the "Check to see if your plugins are up to date" link. View the status report on the Plugin Status Check site. Actual results: Plugin Status Check site reports plugin as vulnerable and urges user to update it. User finds that plugin is already up to date. User find the information inconsistent and incoherent. Expected results: Plugin Status Check site reports plugin as vulnerable and urges user to update it, BUT hints that an update may not be available. User finds that plugin is already up to date, but understands that a new version fixing the vulnerability is still in the works. User may continue to use the plugin or disable it in the Plugin Manager. User may check for updates at a later date. Additional info: Glyphicon used: "glyphicon glyphicon-question-sign" (color: goldenrod) Bootstrap tooltip used for mockups. Text (Vulnerable): A vulnerability has been reported for this plugin. However, the plugin may already be up to date. Text (Update Now): If the plugin is already up to date, consider disabling it until a new version is released.
Plugin check is no longer supported.