Malware Guide
    Facebook X (Twitter) Instagram
    Malware Guide
    • Adware
    • Browser Hijackers
    • Ransomware
    • Articles
    • News
    Malware Guide
    Home - Hundreds of Weaknesses in WordPress Plug-ins Remain Unupdated
    news
    Security News

    Hundreds of Weaknesses in WordPress Plug-ins Remain Unupdated

    MaximBy MaximAugust 8, 2023No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email

    This year, security experts have found 2500 weak spots in additional tools (called plug-ins) for WordPress, a platform used by over 43% of all websites. Security company Wordfence reports that there are still no fixes for hundreds of these security holes. WordPress allows many of these plug-ins and themes to be added to websites created by outside developers.

    Table of Contents hide
    Most Weaknesses in Extra Tools, Not WordPress Itself
    Many Medium-Impact Weaknesses, Lots of Unresolved Issues
    Unsupported Tools Pose a Big Problem

    Most Weaknesses in Extra Tools, Not WordPress Itself

    Most security issues affecting WordPress sites are in these extra tools or plug-ins. In comparison, WordPress itself only had six reported weaknesses this year, against 2500 in its plug-ins. Often, these weak points allow a type of attack called cross-site scripting. In the worst case, this could allow someone malicious to steal the website owner’s access and take over the site.

    Many Medium-Impact Weaknesses, Lots of Unresolved Issues

    Wordfence’s numbers show that about 2000 weaknesses have a medium impact. The troubling part is the number of these security holes still waiting to be fixed. Out of the 2500 known weak spots in the plug-ins, 678 have not been dealt with by the developers. This means more than a quarter of these known weaknesses remain open.

    Unsupported Tools Pose a Big Problem

    The issue, in this case, is that many of these extra tools or plug-ins aren’t supported much or at all by the developers. WordPress often removes these from its store so others can’t download them, but that doesn’t solve the problem for sites that already have them installed. Therefore, Wordfence strongly advises website managers to remove these plug-ins before someone with bad intentions can exploit them.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleRemove Siravn.com (virus removal guide)
    Next Article Deceptive Android Apps Display Ads When Phone Screen is Turned Off
    photo me - max
    Maxim
    • Website

    Hi! I am Maxim. I research malware. I blog about malware and computer virus threats as they are released, so you can use it to remove viruses from your computer, phone, or tablet. Is this information useful? Share on social media and help others Thank you!

    Related Posts

    Security News

    German AV-Test Institute Compares Windows 10 Antivirus Scanners

    August 13, 2023
    Security News

    NewsCriminals Exploit Six-Year-Old Vulnerability to Infect Zyxel Routers with Malware for Botnet Activities

    August 13, 2023
    Security News

    US Initiates Inquiry into Theft of Government Emails on Microsoft Exchange Online

    August 13, 2023
    Latest guides

    Remove Teensykids.com (virus removal guide)

    September 27, 2023

    Remove Daynitroglass.com (virus removal guide)

    September 27, 2023

    Remove Fieryforgekeeper.top (virus removal guide)

    September 27, 2023

    Remove Emberenchanter.top (virus removal guide)

    September 27, 2023
    Security news

    German AV-Test Institute Compares Windows 10 Antivirus Scanners

    August 13, 2023

    NewsCriminals Exploit Six-Year-Old Vulnerability to Infect Zyxel Routers with Malware for Botnet Activities

    August 13, 2023

    US Initiates Inquiry into Theft of Government Emails on Microsoft Exchange Online

    August 13, 2023

    Google to Release Weekly Security Updates for Chrome

    August 9, 2023
    • Contact
    • Site Terms
    • Privacy Policy
    • Disclaimer
    • What is malware?
    © 2023 Malware.guide

    Type above and press Enter to search. Press Esc to cancel.