Case study in how the AMP plugin for WordPress revealed a security flaw in a popular plugin. Not only did the AMP plugin prevent the XSS vulnerability from being exploitable, but it also pinpointed the code responsible.