No, unfortunately, plain text and HTML is harder to discern good from evil as it is more up to the individual site owns to decide what kind of content they want in their posts. Also, the DB contents is not obfuscated so it’s easy to spot and it cannot be executed on your server so it is generally not as dangerous either.
Fortunately, it not hard for you to remove any of the content that you don’t want in your own posts just by using the text tab in the post editor’s content window.
Kaspersky got the alerts and your plugin saved the site tonight. Wordfence did not find most of the infections. Two nasty trojans + the gravity forms mess finally got it. Now Anti-Malware and BPSP are ON!
Donated! -- WP-Worker
I used this tool on two websites I administrate - it worked great ... I will definitely have my clients donate to this plug in... keep up the great work!