90% of hacked websites using a CMS run on WordPress according to Sucuri, a company specializing in web security. E-commerce sites are particularly popular with hackers for the simple reason that they allow access to users' bank data. This report highlights WordPress' security shortcomings.
Most websites use a content management system commonly called CMS. WordPress is the most popular CMS in the world, running more than 30% of the sites on the web. Logically, it represents a privileged target for hackers. The more popular a platform is, the more popular it is with hackers. It's like Windows and Android that are regularly criticized for their security problems.
A report from Sucuri, a company specializing in web security, shows that 90% of hacked websites that use a CMS run on WordPress.
A report from Sucuri, a company specializing in web security, shows that 90% of hacked websites that use a CMS run on WordPress.
WordPress is still very unstable in terms of securitySucuri offers a solution that allows webmasters to solve security problems on their websites. The company used data from 18,302 infected websites in 2018 and more than 4.4 million cleaned files to produce its latest report on hacking trends on the web.
She tells us that 90% of the websites that were hacked in 2018 were using WordPress. This figure is up 7% compared to the 83% of the previous year. The proportion of hacked websites using Magento and Joomla CMS is 4.6 and 4.3% respectively. Both CMSs made progress in 2018 as the previous year they represented 6.5% and 13.1% of hacked websites.
She tells us that 90% of the websites that were hacked in 2018 were using WordPress. This figure is up 7% compared to the 83% of the previous year. The proportion of hacked websites using Magento and Joomla CMS is 4.6 and 4.3% respectively. Both CMSs made progress in 2018 as the previous year they represented 6.5% and 13.1% of hacked websites.
As for the causes that explain this instability of WordPress, they are to be found in plugins that work exactly like browser extensions. Created by third-party developers, they extend the functionality of the CMS.
According to Sucuri, most vulnerabilities come from WordPress plugins and especially those used on e-commerce sites, which makes it easier for hackers to access sensitive data such as banking data used in transactions.
According to Sucuri, most vulnerabilities come from WordPress plugins and especially those used on e-commerce sites, which makes it easier for hackers to access sensitive data such as banking data used in transactions.
In addition, Sucuri experts found that only 56% of all websites analysed used an updated version of the CMS. However, this factor is not really what explains WordPress' security problems as 64% of hacked sites did not run an obsolete version of the CMS. However, Sucuri advises webmasters to update regularly, whether it is CMS updates, extensions or themes that manage the appearance of sites.