
WordPress plugin vulnerabilities more than doubled in 2021



What just happened? Third-party WordPress plugin vulnerabilities increased significantly in 2021, and many of them still have known public exploits. Cybersecurity firm Risk Based Security said 10,359 vulnerabilities were reported to affect third-party WordPress plugins at the end of last year, of which 2,240 were disclosed in 2021. That’s a 142 percent increase compared to 2020, but the bigger concern is the fact that 77 percent of all known WordPress plugin vulnerabilities – or 7,993 of them – have known public exploits.

A closer look revealed that 7,592 WordPress plugin vulnerabilities are remotely exploitable, while 4,797 have a public exploit but no CVE ID. For organizations that rely only on CVEs for mitigation prioritization, the latter means that more than 60 percent of vulnerabilities with a public exploit won’t even be on their radar.


Another issue Risk Based Security raised is that organizations focus on criticality rather than exploitability.

The firm notes many organizations categorize vulnerabilities with a CVSS severity score below 7.0 as not being high priority, and thus don’t address them right away. That’s a problem considering the average CVSS score for all WordPress plugin vulnerabilities is 5.5.

Risk Based Security and others have observed malicious actors favoring vulnerabilities not with high severity scores, but rather those that can be easily exploited. Given the data and observations, perhaps it would be wise for some organizations to reconsider their threat management protocols.
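The prioritization gap described above can be made concrete. The following is an added example, not code from Risk Based Security or the original article: it compares a CVE-only, CVSS 7.0-and-above queue with an exploitability-first ordering. The plugin names, CVE placeholders, scores and field names are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Finding:
    plugin: str              # constructed plugin name
    cve_id: Optional[str]    # None when no CVE ID was ever assigned
    cvss: float
    public_exploit: bool
    remote: bool

# Constructed sample inventory; these are not real plugins or CVE IDs.
FINDINGS = [
    Finding("example-forms", "CVE-0000-0001", 9.1, False, True),
    Finding("example-gallery", None, 5.4, True, True),
    Finding("example-seo", "CVE-0000-0002", 6.1, True, True),
    Finding("example-backup", None, 7.5, True, False),
    Finding("example-slider", "CVE-0000-0003", 4.3, False, False),
]

def cvss_cve_queue(findings, threshold=7.0):
    """Policy the article criticises: CVE-tracked items at or above the threshold."""
    return [f for f in findings if f.cve_id is not None and f.cvss >= threshold]

def exploitability_rank(f):
    # Public exploit first, then remote reachability, CVSS only as a tie-breaker.
    return (f.public_exploit, f.remote, f.cvss)

def exploitability_queue(findings):
    """Every finding stays visible; ordering reflects how easily it can be used."""
    return sorted(findings, key=exploitability_rank, reverse=True)

def blind_spots(findings, threshold=7.0):
    """Findings with a public exploit that the CVSS/CVE policy never queues."""
    queued = set(cvss_cve_queue(findings, threshold))
    return [f for f in findings if f.public_exploit and f not in queued]

if __name__ == "__main__":
    print("CVSS/CVE queue:", [f.plugin for f in cvss_cve_queue(FINDINGS)])
    print("Exploitability-first order:")
    for f in exploitability_queue(FINDINGS):
        print(f"  {f.plugin:16} cvss={f.cvss} exploit={f.public_exploit} "
              f"remote={f.remote} cve={f.cve_id or 'none'}")
    print("Missed by CVSS/CVE policy:", [f.plugin for f in blind_spots(FINDINGS)])
```

In this constructed inventory the threshold policy queues one finding that has no public exploit and misses all three that do, including one scored 7.5 that is invisible only because it has no CVE ID.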

Image credit: Justin Morgan


