WordPress is open source software, making it an easy target for hackers.
With over 60 million websites using WordPress, new releases are continual and constant to keep ahead of hackers. ‘Best Practices’ is to update your website as soon as a new version comes out.
But it isn’t just WordPress software that needs to be updated, the plugins are equally vulnerable. There are over 25,566 WordPress plugins, 474,869,616 downloads, and counting. How would you know if your plugin are up-to-date or NOT? In fact, this month Checkmark’s research labs released “The Security State of WordPress Top 50 Plugins” with many plugins having vulnerabilities.
Most WordPress websites use at least a few plugins for specific purposes: themes, ecommerce, seo, membership. These plugins can be security openings for hackers to inject malware. In fact, there are hacker programs that troll for outdated WordPress and WordPress plugins, and plugins that aren’t being used can also cause security breaches.