It is a while since I have highlighted the cyber security risk of using WordPress. As WordPress promotes, it is the most popular website and content management package in the world and it is very well supported with plugins to add that extra functionality you need. But being so popular makes it a target for threat actors and some of those plugins are not as well written or maintained as they could be.
So when a vulnerability creeps into the WordPress environment then the number of potential victims is always going to be high and the hackers will swoop in…
Over 150k WordPress sites at takeover risk via vulnerable plugin (bleepingcomputer.com)
Your takeaway from this…
The first question is “Do you know if your website is built on WordPress?” and the second is “Do you know what the patching and backup procedures are?”.
We have a document we use when we are carrying out and IT and Cyber Security Audits for clients that we use in-house and with third parties to make sure our clients reduce the risk of using WordPress. Do you have a similar audit in place?
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
How much are you relying on your web designer to protect your reputation?