WordPress Plugin Woes: 7,966 Vulnerabilities Unveiled – Are Your Plugins Safe?

WordPress vulnerabilities hit a staggering 7,966 last year, with plugins being the usual suspects in 96% of cases. Despite the high numbers, most vulnerabilities were as threatening as a wet noodle. However, Patchstack warns of abandoned plugins—like leaving your front door open and hoping raccoons don’t move in.

Hot Take:

WordPress plugins are the new wild west of cybersecurity! With thousands of new vulnerabilities popping up like daisies, it’s time for developers to cowboy up and patch those holes before the internet turns into a spaghetti western of data breaches. Yeehaw!

Key Points:

  • 7,966 new vulnerabilities were found in the WordPress ecosystem last year, primarily impacting plugins and themes.
  • Only seven vulnerabilities were found in WordPress core; plugins accounted for the vast majority (96%).
  • Most vulnerabilities are unlikely to be exploited, with 69.6% considered low risk.
  • Almost half of the flaws were cross-site scripting issues, followed by broken access control and cross-site request forgery.
  • 33% of the vulnerabilities were not patched before being publicly disclosed, many in abandoned plugins.

The Nimble Nerd