WordPress is popular free and open$-$source content management system. An e$-$commerce website uses WordPress for their website. But the e$-$commerce IT team had installed a plugin.

Later in that year, a vulnerability was discovered in that plugin by security researchers. This vulnerabilty allows uploading any files to the web server hosting the WordPress instance. A patch was made available to fix this vulnerability by the plug in vendor, but this was not applied to the e$-$commerce website by the IT tearm.

Hackers discovered the presence of this vulnerable plugin on the website and exploted it to upload malware to the server.

Which of the following options is TRUE with respect to this scenario?

Shredding must be done to dispose the vuinerability

SAST and manual code review could have detected the pr esence of the vulnerable component

The $--$commerce IT team must estabish and execute a disposal$/$transition pian to prevent a repout of theserssues

The IT must maintidom an imventory of all their software including dependencies and ensure security updates are done on timey tossis: