25% Of WordPress Security Holes Thanks To Just 3 Add-Ons

WordPress is arguably the most prevalent of content management systems on the web today so, unsurprisingly, it’s a massive target for malicious activities. While the core WordPress package has had its share of security issues, it’s outdated plugins that are a major contributor, with three in particular comprising 25 per cent of all WordPress vulnerabilities.

Which three plugins should you make sure are up-to-date? The culprits are TimThumb (dynamic image resizing), RevSlider (now Slider Revolution, simplifies creating responsive designs) and GravityForms (contact form creator), according to a new report from web security firm Sucuri.

RevSlider and TimThumb in particular were singled out:

Almost 10% of the compromised WordPress sites that we analyzed had a vulnerable version of RevSlider. When you combine RevSlider, Gravity Forms, and TimThumb, they account for 25% of the total compromised WordPress sites. All three plugins had a fix available over a year, with TimThumb going back multiple years (four to be exact, circa 2011).

It goes on to mention that website administrators need to be vigilant when it comes to updating not only WordPress, but installed plugins as well.

One might advocate automatic updates, but this would only work for the most basic of WordPress websites. More often than not, complex sites have custom themes and modified plugins, which would cause a lot of pain if you had no control over the upgrade process.

Website Hacked Report 2016 — Q1 [Sucuri, via Softpedia]

The Cheapest NBN 50 Plans

Here are the cheapest plans available for Australia’s most popular NBN speed tier.

At Lifehacker, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.


One response to “25% Of WordPress Security Holes Thanks To Just 3 Add-Ons”