True, the problems are mostly with third party add-ons, older wp versions, and weak passwords.
The core wp platform is solid and it is being refined everyday by a group of about 50 software engineers. Wordpress is not going anywhere. I'm just concerned that many are not aware of the many potential problems. Problems which your Wordfence Security can address every minute of the day.
I must also add that if one's wordpress site is very slow with regard to traffic, hackers will likely not bother with it. They are looking to trick as many unsuspecting people as possible, of course.
There are many articles which address these issues. Somewhere the truth is out there.
According to statistics From 40,000+ WordPress Websites in Alexa Top 1 Million, more than 70% of WordPress installations are vulnerable to hacker attacks.
Ever wondered why WordPress is such a popular target for malicious hackers? Do you know why every year hundreds of thousands of WordPress installations are hacked, even though WordPress users have many WordPress security plugins that they can use? This article uses statistics to explain why.
The statistics are from a research held between the 12th and 15th of September 2013, just 1 day after the release of WordPress 3.6.1. This update addressed several critical exploitable vulnerabilities, such as a remote code execution. The research was headed by Sandro Gauci, CEO and Founder of EnableSecurity. Mr Gauci also built all the tools for this research.
WordPress versions statistics | The shocking truth
The below statistics are are based on 42,106 WordPress websites found in Alexa’s top 1 million websites.
- 74 different versions WordPress identified.
- 11 of these versions are invalid. For example version 6.6.6.
- 18 websites had an invalid non existing versions of WordPress.
- 769 websites (1.82%) are still running a subversion of WordPress 2.0.
- Only 7,814 websites (18.55%) upgraded to WordPress 3.6.1.
- 1,785 websites upgraded to version 3.6.1 between the 12th and the 15th of September.
- 13,034 websites (30.95%) are still running a vulnerable version of WordPress 3.6.
WordPress Installations Vulnerable to Hacker Attacks
Data shows that at least 30,823 out of 42,106 identified WordPress websites have exploitable vulnerabilities.
This means that 73.2% of the most popular WordPress installations are vulnerable. They are vulnerable to exploitable vulnerabilities that can be detected with free automated tools, within seconds. It is surprising how most of them haven’t been hacked yet.
It only takes a couple of minutes for a malicious attacker to run an automated tool that can discover these vulnerabilities and exploit them. This highlights the importance choosing the right WordPress web host that auto updates both plugins and WordPress.