WordPress Amsterdam Message Board › FYI - The Security State of WordPress
Juliette Reinders ...
FYI - received from Checkmarx via email - should be interesting for most of you ;-)
During the past six months, Checkmarx has conducted research and analyzed the security of the top 50 WordPress plugins. The results were surprising: we found that 20% of the 50 most popular plugins and 7 out of 10 top e-commerce plugins are vulnerable to common web attacks. In total, 8 million vulnerable plugins have been downloaded.
This project is designed to raise awareness of the security state of software distribution platforms which are growing in popularity. Our contribution to the open source community is in line with its mission statement of guaranteeing that released software is free of technical and logical security vulnerabilities. It is the responsibility of the various App Marketplaces to protect the end users by ensuring they only distribute software that has been checked and meets rigorous security standards.
We will continue this campaign and work with other platforms and the open source community with a clear goal – creating a hacker-free world.
The research received wide media coverage
Featured articles - June 18, 2013
Security Week: Top WordPress Plugins Contain Serious Security Vulnerabilities (securityweek.com)
CRN: Popular WordPress E-Commerce Plugins Riddled With Security Flaws (crn.com)
Tech Republic: Be Wary of WordPress Plugin Vulnerabilities (techrepublic.com)
A former member
Secunia published 9 Advisories and Vulnerabilities for WordPress this month only.
As the WordPress core is pretty secure, it's the user (plugins & themes) that opens it up for hackers.