WordPress was so far dominating the ever-growing website space with its open source capabilities. But a new report has emerged to highlight its leadership in the world of the infected content management system (CMS).
Security company Sucuri claims in a quarterly report that out of a sample of over 9,000 infected websites, more than 6,800 ones were based on WordPress. The massive 78 percent share suggests the sharp target of attackers on WordPress websites. However, the report also includes Joomla, Magento and Drupal as the three other open source CMS with vulnerabilities.
Sucuri picked a total of 9,771 infected websites to produce its Hacked Website Report for the second quarter of 2016. The reported sites were recovered in the past three months using some proprietary solutions.
“In most instances, the compromises analysed had little, if anything, to do with the core of the CMS application itself but more with improper deployment, configuration, and overall maintenance by the webmasters and their hosts,” the report reads.
Outdated WordPress sites accounted 55 percent of share in the overall sample of infected sites. Whereas, Magento led with 96 percent followed by Joomla and Drupal.
The report also mentions the top three plugins that brought several vulnerabilities to WordPress site hacks. RevSlider, GravityForms and TimThumb all the three are reportedly affecting the platform.
Webmasters are recommended to install the latest WordPress core and plugin versions to protect their websites.