What we’re about to share surrounding the popular web publishing platform WordPress pertains to personal and business usage.
A recent news article has surfaced speaking out about 2 new severe plugin vulnerabilities that were patched up in Facebook regarding WordPress, however, if you’re familiar with the platform, this is not shocking news.
Over half a million websites use this specific plugin that Facebook has integrated with WordPress and with the recent exploits, hackers were able to gain access to these websites regardless of how strong their passwords or authentication settings were.
The WordPress ecosystem relies heavily on these plugins as it brings efficiency and convenience to its users. But to what cost?
This exploited vulnerability connected to WordPress that we’re highlighting only pertains to 1 specific plugin.
To put this into perspective, there are millions of plugins made available to organizations and individuals for their WordPress sites, and this single plugin that we’re speaking about is surely not the only one facing vulnerabilities. For many of these plugins, you may not hear about their vulnerabilities until it’s too late.
We’re seeing and hearing about new major plugin vulnerabilities from WordPress at least once a week these days. Cybercriminals are constantly searching for new ways they can get a hold of websites and potentially hold them for ransom.
With that said, you really have to consider if WordPress is the right platform for you and your business. If this event can happen to a huge platform like Facebook, it can happen to anyone.
Tip 1: Reduce Your Number of Plugins
If you are going to use WordPress, ensure you reduce the number of plugins you use. Only use what is essential as this will significantly reduce your potential of falling prey to a plugin vulnerability or attack. It may not be worth it to use a plugin for smaller menial tasks as each plugin you add significantly increases the size of your attack surface.
Tip 2: Update Constantly
WordPress faces multiple new system and plugin vulnerabilities every week, and if you use the platform, you’ll need to stay on top of the constant updates. We recommend checking for updates at least on a weekly basis so you don’t find your site in a precarious situation. This includes system updates as well as updates for each plugin you use.
Tip 3: Avoid Storing Personal Or Sensitive Information
Whether you’re sharing personal information on your site for the public’s eyes or storing sensitive information on the back-end of WordPress, this information is easily hackable. Do not make the mistake of storing confidential information on WordPress as it is almost inevitable that it will get breached.
Tip 4: Consider Alternatives
WordPress is not the be-all-end-all of web publishing platforms. Nowadays, there are tons of amazing options for you or your business. Do your research before settling for a platform that may not serve your business or security needs.
We hope you’ve found this information helpful for your web publishing purposes. Security is everything and education plays a huge role in that. Ensure to follow along on our future blog posts so you can stay up to date on current news and cyber-trends!