WordPress vulnerabilities tripled in 2018

Providing the basis for about 30% of all websites on the Internet, WordPress is the most popular content management system (CMS) today, followed by Joomla! and Drupal.

The popularity of WordPress is also one of the reasons that attract the attention of cybercriminals.

– Download WordPress here.
– If you do not know how to install WordPress, please refer to the tutorial article install WordPress here.
– Track how create a WordPress blog here.

WordPress vulnerabilities tripled in 2018.

According to a report by cybersecurity company Imperva, in 2018 alone, the number of WordPress-related vulnerabilities increased to 542. This number triples compared to WordPress vulnerabilities in 2017, with almost 200 vulnerabilities recorded. Vulnerabilities and errors on Joomla and Drupal are less, only about 150 errors.

However, a lower number of security flaws does not necessarily mean a more secure platform, rather these numbers show that attackers are mainly focused on popular platforms.

Not to mention that attacks on platforms that are less common than WordPress often have more serious consequences, as demonstrated by the Drupalgeddon vulnerabilities that were massively exploited last year.

The easy exploitation of Drupalgeddon vulnerabilities resulted in a series of attacks on unpatched websites. In the Imperva report, the company said it “detected and blocked more than half a million attacks related to these vulnerabilities in 2018”.

Plugins are weak links.

Almost all the vulnerabilities, specifically 98% of the total vulnerabilities are related to WordPress plugins, equivalent to more than 50,000 official CMS websites. This means that attacks related to WordPress code account for only 2%.

The company says: “Anyone can create and publish a plugin – WordPress is an open source, easy-to-manage platform, and there’s no process required to adhere to minimum security standards (such as code analysis). So WordPress plugins are vulnerable to many vulnerabilities.

Web application vulnerabilities are on the rise.

Also according to Imperva’s report, security vulnerabilities in web applications are on the rise. According to the company’s data, exploits were made publicly available for more than half (54%) of all attacks, and 38% of the total had no solution to mitigate the impact of the attack. attacks, such as patches or software upgrades.

Distributed error types for web applications accounted for the largest number of errors in 2018, with about 3,300 errors. These include 1,980 bugs that enable remote code execution (RCE) and 1,354 that trigger SQL attacks.

In addition, the number of Cross-Site Scripting (XSS) vulnerabilities also doubled during the year, accounting for 14% of all reported security flaws discovered on web applications in the last year.

https://thuthuat.Emergenceingames.com/cac-lo-hong-wordpress-tang-gap-3-lan-trong-nam-2018-43574n.aspx
In order to improve your security as well as protect user chats from the hands of bad guys, WhatsApp for Android tests fingerprint authentication on my famous chat app. You can learn more about this feature in development on Emergenceingames.com.