If you are WordPress user and blindly trust on plugins by just because they are popular, your WordPress website can be victim of web attacks.
CheckMarx.com, who recently published one report on security threat with WordPress plugins by analyzing top 50 general WordPress plugins and top 10 eCommerce plugins.
According to CheckMarx’s report:
- Around 20% of the top 50 WordPress plugins are vulnerable to different web attacks like SQL injection, Cross-site scripting, CSRF, and PT.
- 70% of top 10 eCommerce WordPress plugins are vulnerable to common web attacks mentioned above.
- Top 50 WordPress plugins are from different categories like, social media, content management, website development or eCommerce.
- Most of the plugins have release updates in last year.
- There are only 6 plugins were completely fixed in last 6 months.
As there are millions of plugins available for WordPress, one can assume the percentage of other plugins, those are vulnerable to web attacks. SSL certificate is the ideal solution to prevent interception of third party, while data is traveling between browser and web server. So protect your WordPress website by migrating to SSL certificate.
Here is the table that includes summery of vulnerability in top 50 WordPress plugins (taken from report published by CheckMarx.com)
We strongly recommend reviewing a full report by CheckMarx.com, which is available at, free of cost here: http://www.checkmarx.com/wp-content/uploads/2013/06/The-Security-State-of-WordPress-Top-50-Plugins3.pdf
Related Posts :