{"id":"https://openalex.org/W4416549573","doi":"https://doi.org/10.1145/3719027.3760720","title":"Poster: Leveraging Large Language Models to Effectively and Efficiently Identify Vulnerability Patches for WordPress Plugins","display_name":"Poster: Leveraging Large Language Models to Effectively and Efficiently Identify Vulnerability Patches for WordPress Plugins","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549573","doi":"https://doi.org/10.1145/3719027.3760720"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3760720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760720","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760720","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760720","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5025080634","display_name":"Xue Leng","orcid":"https://orcid.org/0000-0003-1333-5988"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xue Leng","raw_affiliation_strings":["Hangzhou Institute of Technology, Xidian University, Hangzhou, China"],"raw_orcid":"https://orcid.org/0000-0003-1333-5988","affiliations":[{"raw_affiliation_string":"Hangzhou Institute of Technology, Xidian University, Hangzhou, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090406249","display_name":"H.L. Zhang","orcid":"https://orcid.org/0009-0003-0949-3673"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hai Zhang","raw_affiliation_strings":["Hangzhou Institute of Technology, Xidian University, Hangzhou, China"],"raw_orcid":"https://orcid.org/0009-0003-0949-3673","affiliations":[{"raw_affiliation_string":"Hangzhou Institute of Technology, Xidian University, Hangzhou, China","institution_ids":["https://openalex.org/I149594827"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029428788","display_name":"Tiantian Zhu","orcid":"https://orcid.org/0000-0002-8657-662X"},"institutions":[{"id":"https://openalex.org/I55712492","display_name":"Zhejiang University of Technology","ror":"https://ror.org/02djqfd08","country_code":"CN","type":"education","lineage":["https://openalex.org/I55712492"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Tiantian Zhu","raw_affiliation_strings":["Zhejiang University of Technology, Hangzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-8657-662X","affiliations":[{"raw_affiliation_string":"Zhejiang University of Technology, Hangzhou, China","institution_ids":["https://openalex.org/I55712492"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100527751","display_name":"Sun Jian-guo","orcid":"https://orcid.org/0009-0007-8216-2925"},"institutions":[{"id":"https://openalex.org/I149594827","display_name":"Xidian University","ror":"https://ror.org/05s92vm98","country_code":"CN","type":"education","lineage":["https://openalex.org/I149594827"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianguo Sun","raw_affiliation_strings":["Hangzhou Institute of Technology, Xidian University, Hangzhou, China"],"raw_orcid":"https://orcid.org/0009-0007-8216-2925","affiliations":[{"raw_affiliation_string":"Hangzhou Institute of Technology, Xidian University, Hangzhou, China","institution_ids":["https://openalex.org/I149594827"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.45170993,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"4770","last_page":"4772"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.32429999113082886,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.32429999113082886,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.2913999855518341,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.18529999256134033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6696000099182129},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.6184999942779541},{"id":"https://openalex.org/keywords/meaning","display_name":"Meaning (existential)","score":0.5436000227928162},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5264000296592712},{"id":"https://openalex.org/keywords/matching","display_name":"Matching (statistics)","score":0.48420000076293945},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4634000062942505},{"id":"https://openalex.org/keywords/language-model","display_name":"Language model","score":0.3343999981880188},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.31290000677108765}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.722100019454956},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6696000099182129},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.6184999942779541},{"id":"https://openalex.org/C2780876879","wikidata":"https://www.wikidata.org/wiki/Q3054749","display_name":"Meaning (existential)","level":2,"score":0.5436000227928162},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5264000296592712},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.48590001463890076},{"id":"https://openalex.org/C165064840","wikidata":"https://www.wikidata.org/wiki/Q1321061","display_name":"Matching (statistics)","level":2,"score":0.48420000076293945},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4634000062942505},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.38119998574256897},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3716999888420105},{"id":"https://openalex.org/C137293760","wikidata":"https://www.wikidata.org/wiki/Q3621696","display_name":"Language model","level":2,"score":0.3343999981880188},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.31929999589920044},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.31290000677108765},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.3075000047683716},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3066999912261963},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.3052999973297119},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.29829999804496765},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.296099990606308},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.28540000319480896},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2754000127315521},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.27469998598098755},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.26100000739097595},{"id":"https://openalex.org/C179603123","wikidata":"https://www.wikidata.org/wiki/Q1941921","display_name":"Modeling language","level":3,"score":0.2556000053882599},{"id":"https://openalex.org/C144559511","wikidata":"https://www.wikidata.org/wiki/Q2986279","display_name":"Principal (computer security)","level":2,"score":0.25099998712539673}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3760720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760720","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760720","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3719027.3760720","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760720","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760720","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416549573.pdf","grobid_xml":"https://content.openalex.org/works/W4416549573.grobid-xml"},"referenced_works_count":1,"referenced_works":["https://openalex.org/W4415797147"],"related_works":[],"abstract_inverted_index":{"Vulnerability":[0],"patches":[1],"are":[2,25],"essential":[3],"for":[4],"managing":[5],"vulnerabilities":[6],"in":[7],"Open-source":[8],"software":[9],"(OSS).":[10],"However,":[11,55],"accurately":[12],"identifying":[13],"them":[14],"remains":[15],"difficult.":[16],"Existing":[17],"methods":[18,44],"mainly":[19],"rely":[20],"on":[21],"rule-based":[22],"matching":[23],"and":[24,63],"not":[26],"well-suited":[27],"to":[28,34],"ecosystems":[29],"like":[30],"WordPress":[31],"plugins,":[32],"due":[33],"the":[35,68,71],"lack":[36,59],"of":[37],"a":[38],"unified":[39],"development":[40],"standard.":[41],"In":[42],"contrast,":[43],"that":[45],"combine":[46],"vulnerability":[47],"descriptions":[48],"with":[49],"code":[50],"changes":[51],"demonstrate":[52],"greater":[53],"potential.":[54],"current":[56],"prediction":[57],"models":[58],"deep":[60],"semantic":[61],"understanding":[62],"thus":[64],"cannot":[65],"fully":[66],"understand":[67],"meaning":[69],"behind":[70],"changes.":[72]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-11-23T00:00:00"}
