SecureLive Abandoned Security Product

Summary

SecureLive seems to be used on WordPress and Joomla websites to block visitors who appear to be hackers.

As far as I can tell, this is a defective product that has been abandoned by a company that has vanished. I don't think it's fit to use. If you want to secure a WordPress site, I recommend a real, living company like Sucuri instead.

Details

A student contacted me today with this report of an attack on his or her website:

I was immediately suspicious of this "critical" attack--a plain vanilla XSS alert(0) test, the sort of thing produced by any security scanner or researcher, and quite harmless.

I went to http://securelive.net and saw this page, showing that the domain has expired, and returned to its broker:

Checking here, I see that the domain expired in Jan., 2015. That means that the "From" email in the "SecureLive Security Advisory" is spoofed, because an expired domain cannot send or receive email. That also means replies to this domain will bounce.

Dig shows that "securelive.net" is indeed out-of-use and has no MX record:

I called the 855 contact number in the "SecureLive Security Advisory" message and it leads to a generic message saying the account is out of service.
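The From-domain and MX check above can be scripted for any alert email. This is an added example, not code from the original post or from SecureLive; the function names, the `alerts@` address, the sample message and the sample DNS table are all constructed for illustration, and the live path assumes `dig` is installed.

```python
import email
import subprocess
from email.utils import parseaddr

def dig_lookup(domain, rtype):
    """Live lookup via dig; returns the +short answer lines (may be empty)."""
    out = subprocess.run(["dig", "+short", domain, rtype],
                         capture_output=True, text=True, timeout=10).stdout
    return [line.strip() for line in out.splitlines() if line.strip()]

def sender_domain(raw_message):
    """Domain part of the From: header, lower-cased, or '' if unparsable."""
    msg = email.message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def reply_path(raw_message, lookup=dig_lookup):
    """Classify where a reply to the From: address could be delivered."""
    domain = sender_domain(raw_message)
    if not domain:
        return "no-from-domain"
    targets = [rec.split()[-1] for rec in lookup(domain, "MX")]
    if targets and all(t == "." for t in targets):
        return "null-mx"  # RFC 7505: domain declares it accepts no mail
    if targets:
        return "mx"
    # No MX: SMTP falls back to the domain's own address records (RFC 5321),
    # so an empty MX answer has to be checked together with A/AAAA.
    if lookup(domain, "A") or lookup(domain, "AAAA"):
        return "address-fallback"
    return "no-mail-route"

# Constructed sample message; only the domain comes from the page.
SAMPLE_ALERT = (
    'From: "SecureLive Security Advisory" <alerts@securelive.net>\n'
    "Subject: Critical attack blocked\n"
    "\n"
    "Constructed body.\n"
)

# Constructed DNS view for offline use; securelive.net has no entries at all.
SAMPLE_DNS = {
    ("example.org", "MX"): ["10 mail.example.org."],
    ("example.net", "MX"): ["0 ."],
    ("example.com", "A"): ["192.0.2.10"],
}

def sample_lookup(domain, rtype):
    return SAMPLE_DNS.get((domain, rtype), [])

if __name__ == "__main__":
    print(reply_path(SAMPLE_ALERT, sample_lookup))
```

Calling `reply_path(raw_message)` without a second argument uses `dig` against live DNS instead of the constructed table.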

Apparently SecureLive was taken seriously by at least one reviewer in 2009:

Review of SecureLive Joomla Security Extension

But others have noticed the product's tendency to block people for innocent traffic:

[Plugin: SecurePress Website Security Analyzer] Thinks EVERYTHING is an attack!

Here's what the SecureLive Knowledge Base looks like. It's hard to believe that a living company would allow their page to look like this without fixing it.

At the bottom, it has more contact information, again using the "securelive.net" domain which has been abandoned.

Here's another Knowledge Base post from a Dallas library complaining about the same issue:

I found the @SecureLiveLLC Twitter feed and found this:

The last Tweet is from 27 Jan 2014 and links here. Apparently they had a server outage in 2014 and never felt any need to update their customers after that date.

Incrementing the "id" number in the URL shows that the other posts are from earlier dates--this announcement section seems to have been abandoned in 2014.

The SecureLive Home Page contains pretty Flash graphics, with fake-looking testimonials from "professionals" who don't seem to have names or jobs:

But the bottom of the page shows five image placeholders just sitting there, indicating that the page was never finished.

I called both listed phone numbers at 10:55 am PST on Weds., May 13, 2015. One is busy, the other rings but there is no answer.

I emailed both addresses shown there and I'll update this page if I get any reply.

At 11:28 an apparently automated process created a Support Ticket in response to my email.

By the way, their SSL certificate is using old, insecure settings and is flagged as untrustworthy by Chrome:

Here's what the Qualys SSL Test says about it:


Posted 11:10 am 5-13-15 by Sam Bowne
Updated at 11:28 5-13-15 with support ticket
Updated with SSL certificate tests 11:35 am 5-13-15