Fun fact, WordPress accounts for 26% of all websites on the internet but 2⁄3 of all those sites are not updated to the latest version. There are over 1.1 million new registered WordPress domains every 6 months. There are roughly 44,622 plugins from WordPress and third party creators totaling 1.2 million downloads. Why am I telling you all of this? Because of the market value that WordPress has it has become a target for malicious advesaries. Hacked WordPress sites are typically used as a to phish the attackers actual target. Don’t take our word for it, check out some of the resources around this issue.
- Thousands of WordPress sites backdoored with malicious code
- Compromised WordPress accounts used to take over sites
- Unpatched WordPress version vulnerable to “authenticated arbitrary file deletion”
These are just a few of the posts out there this year covering WordPress compromises.
2⁄3 of all WordPress sites are not updated to the latest version