Mediaboss Marketing

By John P. Mello Jr. TechNewsWorld 06/17/13 9:35 AM PT

WordPress -- one of the most widely used tools on the Internet -- is rife with vulnerabilities to hack attacks. The problem lies mainly with the plug-ins. No less than 30 percent of the top 50 WordPress plug-ins were found to have one or more critical flaws, according to a recent study by Checkmarx. The results were shocking, said founder and CTO Maty Siman.

Adobe Reader and Oracle Java aren't alone in having a bull's eye painted on their code by hackers. WordPress also is becoming a popular target for Internet outlaws.

It's quite a large target, too. About 18 percent of the sites on the Web -- about 60 million of them -- use WordPress.

One reason WordPress is attracting hacker attention is that it's so easy to write plug-ins for it, noted Maty Siman, founder and CTO of Checkmarx.

There are more than 25,000 plug-ins written for WordPress. "That's good for WordPress, but it has some bad security implications," Siman told TechNewsWorld.

For instance, every week there are at least two advisories on critical security vulnerabilities in a WordPress plug-in.

Checkmarx is releasing a study Tuesday on vulnerabilities in WordPress plug-ins. The task was daunting, Siman confessed.

Six months ago, the company started scanning just the top 50 WordPress plug-ins.

"We were overwhelmed by the sheer amount of results," Siman said.

Read this article:
Hackers Find WordPress Easy Pickings