The State of Wordpress Security

14 Dec 2016 by Hendrik Buchwald

Wordpress

Does Wordpress really need an introduction? It is by far the most popular blogging software on the planet and it is also abused for other tasks frequently. A large percentage of the World Wide Web is Wordpress1.

Plugins from the community are an integral part of most Wordpress sites, therefore this blog post will cover the complete Wordpress ecosystem and not just the core. To do this we downloaded all 47,959 plugins that are available from the official Wordpress repository and analyzed them with our static code analyzer RIPS! Shockingly, about every second larger plugin contains at least one medium severity issue. But is it really that bad? Read on to find out!

Read More ...