Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

WordPress Users Beware

January 10, 2019

Approximately 30% of websites are powered by WordPress. Obviously, it is an extremely popular platform for a lot of businesses. It’s also an environment that is subject to a lot of attacks trying to take advantage of vulnerabilities since it is the most popular platform. According to Bleeping Computer, WordPress related vulnerabilities increased by 300% in 2018. But wait. The base WordPress platform isn’t the problem. WordPress plugins are responsible for 98% of the WordPress vulnerabilities. Perhaps that’s an unintended consequence for being an open source platform.

The message is to be careful what plugins you use and certainly to make sure that you are up to date with patches. There are sources like Tech Republic, which identified the ten plugins most vulnerable to attacks.

  1. Event Calendar WD
  2. Ultimate Member
  3. Coming Soon Page
  4. GD Rating System
  5. Contact Form by WD
  6. WPGlobus
  7. From Maker
  8. Ninja Forms
  9. Affiliates Manager
  10. Duplicator Pro

Be especially careful if you have installed any of them. Perhaps rethink whether or not you should really have them installed on your site.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com