10 percent of plug-ins are contaminated
What would you say if someone told you that 10 percent of the top 1,000 plugins from the wordpress.org plugin directory are infected or have security holes? You would be shocked or not? After all, there is a good chance that you use one of these popular plugins for WordPress, installed it on your blog and still don't know about the insecurity lurking in the depths of your WordPress installation. That's exactly how it is. No less than 10 percent of the 1,000 most popular plugins are riddled with security holes.
1,000 plug-ins with 103 security vulnerabilities
Found out that Marcin Probolawhich deals with the topic of security and is presented in a detailed Blog post on the subject, presents his findings. Tested by his tool were about 1.000 (a few more, a few less) of the top WordPress plugins. In these 1.000 plugins 103 security holes or vulnerabilities were found, which means that about 10 percent of the plugins have such security problems. Pretty frightening results, I think, although not really surprising.
Many popular plugins are affected
Among them are many popular names like All In One WP Security, Pretty Link Lite, WP Google Fonts, qTranslate-Xthat is, plugins that many people actually have in use. Strictly speaking, the 103 plugins that have security vulnerabilities are installed on more than 4,000,000 blogs and have been downloaded about 30,000,000 times. Fortunately, Marcin has already reported the vulnerabilities, many have been closed, others not. Still others were simply downloaded from the plugin directory of wordpress.org removed. And the moral of the story? Don't trust the dear developers. Always check by yourself, read reviews and use as few plugins as possible.