Sucuri released the Hacked Website Report 2018, which has some interesting findings. 🛡️
While “WordPress infections rose from 83% in 2017 to 90% in 2018,” there was also “a decline in the number of outdated, vulnerable versions of WordPress at the point of infection.”
The main source of vulnerable code is “poorly configured plugins,” not WordPress itself, as the core “auto-updates [continue to have] a material impact” on security.
Check out WPVulnDB‘s plugin for scanning WordPress for known vulnerabilities. Hat tip: WPCampus. 🎩
