WordPress is arguably the most prevalent content management system on the web today so, unsurprisingly, it’s a massive target for malicious activity. While the core WordPress package has had its share of security issues, outdated plugins are a major contributor, with three in particular comprising 25 per cent of all WordPress vulnerabilities. Which three plugins should you make sure are up to date?

The culprits are TimThumb (dynamic image resizing), RevSlider (now Slider Revolution, simplifies creating responsive designs) and GravityForms (contact form creator), according to a new report from web security firm Sucuri. RevSlider and TimThumb in particular were singled out:

“Almost 10% of the compromised WordPress sites that we analyzed had a vulnerable version of RevSlider. When you combine RevSlider, Gravity Forms, and TimThumb, they account for 25% of the total compromised WordPress sites. All three plugins had a fix available over a year, with TimThumb going back multiple years (four to be exact, circa 2011).”

It goes on to mention that website administrators need to be vigilant when it comes to updating not only WordPress, but installed plugins as well.