As of Thursday, November 17, 2022
In September, 4.6 million attacks were launched against more than 280,000 WordPress websites. According to The Hacker News, sites using the WP Gateway plugin were exposed, “potentially allowing malicious actors to completely take over affected sites.” Gateway is considered a premium plugin. Hacker News reported, “Further details about the vulnerability have been withheld owing to active exploitation and to prevent other actors from taking advantage of the shortcoming.”
Surprised? You shouldn't be. With its huge footprint, WordPress is an inviting target. In fact, WordPress sites are attacked all the time.
WordPress sites are so vulnerable, because they require multiple plugins from multiple vendors to operate. Each plugin comes with its own potential backdoors, broken code and other vulnerabilities – which you have no knowledge or control over. This is especially true for publishers, who cannot use WordPress for commercial publishing without many of them.
Other 2022 WordPress hacks and attacks include, according to The Hacker News:
Instead of stitching together dozens of plug-ins and widgets, it’s best to choose a secure, turnkey solution. A professional enterprise publishing system can help you sleep better at night, learn about increasing traffic and add new revenue streams. Learn more about our solutions here.