Blog

The Security State of WordPress’ Top 50 Plugins

1 min.

June 18, 2013

In June 2013, Checkmarx’s research labs ran multiple security scans against the source code of the most popular WordPress plugins.
The result? More than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection.
In total, 8 million vulnerable WordPress plugins were downloaded. This report presents the research findings as well as recommendations and mitigation measures for plugin developers, Web admins and platform providers when developing and installing third-party extensions.

Want to learn more? Here are some additional pieces for you to read.

AppSec
JSON Web Tokens Security

Application Security
Checkmarx + Wiz: Advancing AppSec with Code to Cloud Integration

AppSec
Alert: CDN Service “polyfill.io” Used by 100K+ Websites Provided Malicious Code in Responses

DXC Technology + Checkmarx Jointly Deliver Enterprise AppSec Success

A New North Korean Group Emerges, Disrupting the Open Source Ecosystem

Unveiling the Power of Cloud Insights

Make Better Decisions with Checkmarx One

Embracing ASPM: Enabling Enterprise Security Excellence

Introducing the Future of Cloud-Native Security

AI Security
Llama Drama: Critical Vulnerability CVE-2024-34359 Threatening Your Software Supply Chain

SCA
How to get started with SCA security tool

AppSec
Introducing AI Security Champion with Auto-remediation for SAST

AI
Introducing Real Time IDE Scanning – More Secure Code in Real Time

AI
Just Launched: Checkmarx AI Security

Secure SDLC
How to Incorporate SAST, DAST, and SCA into the SDLC

API Security
API Security Best Practices – How to Secure APIs in Your Environment

cnapp
How a CNAPP Helps Manage Cloud-Native Application Security Challenges

AppSec
SBOM and the Bill that is Coming

AppSec
Building #DevSecTrust with JetBrains and Checkmarx

AppSec
The Global Codebashing AppSec Training Initiative by Checkmarx and OWASP

The Security State of WordPress’ Top 50 Plugins

Read More