Plown has been developed during penetration tests on Plone sites and was used to ease the discovery of usernames and passwords. If found vulnerable, the tool informs about the vulnerability and the URL of the patch. We hope that plown can act as an assistant to system administrators to strengthen their Plone site. Despite the fact that Plone is one of the most secure CMS, even the most. secure system can be penetrated due to misconfigurations, use of weak passwords and if the admins never apply the patches released.
Source: https://thehackernews.com/2012/04/plown-security-scanner-for-plone-cms.html