Updated WordPress Plugin Security Testing Cheat Sheet (markdown)

Ryan Dewhurst
2020-11-19 10:20:15 +01:00
parent 509bb02075
commit d0aa6c63e7

@@ -1,8 +1,6 @@
# WordPress Plugin Security Testing Cheat Sheet
This cheat sheet was compiled by [Dewhurst Security](https://dewhurstsecurity.com "Dewhurst Security") to record the knowledge gained when testing WordPress plugins for security issues for our clients. The security documentation provided by WordPress and found online for plugin security is sparse, outdated or unclear. This cheat sheet is intended for Penetration Testers who audit WordPress plugins or developers who wish to audit their own WordPress plugins.
This is a living document, feedback in the form of Issues or Pull Requests is very much welcomed.
This is cheat sheet is heavily used by the WPScan Team when we conduct penetration testing against WordPress plugins. If you would like to have your WordPress plugin, or WordPress website, tested by WordPress security experts, please [contact us](https://wpscan.com/contact).
## Testing Environment
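Review bot: typo in the third paragraph of this hunk: "This is cheat sheet is heavily used by the WPScan Team" should read "This cheat sheet is heavily used by the WPScan Team" (drop the extra "is"). In the same paragraph, "feedback in the form of Issues or Pull Requests is very much welcomed" reads more naturally as "feedback in the form of Issues or Pull Requests is very welcome".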
@@ -55,13 +53,6 @@ The following functions can cause XSS if not secured as they use the PHP_SELF va
Example regex: `add_query_arg\(['"\s]+[^,]+['"]\s?\)`
References:
[https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html](https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html)
[https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/](https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/)
[https://developer.wordpress.org/reference/functions/add_query_arg/](https://developer.wordpress.org/reference/functions/add_query_arg/)
[https://developer.wordpress.org/reference/functions/remove_query_arg/](https://developer.wordpress.org/reference/functions/remove_query_arg/)
## SQL Injection
Unsafe API methods (require sanitising/escaping):
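Review bot: the example regex `add_query_arg\(['"\s]+[^,]+['"]\s?\)` only matches calls whose single argument contains no comma and ends in a quote, so the two-argument form with no URL (e.g. `add_query_arg( 'key', 'value' )`) and the array form (`add_query_arg( array( 'key' => 'value' ) )`) are not flagged, even though they also fall back to the current request URI that this section warns about. Either state that the pattern is deliberately narrow, or start from the broader `add_query_arg\(` and review each hit manually for whether the return value is escaped before it is output; the same applies to `remove_query_arg`, which the references cover but the regex does not.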