Did you know that a top cause of a WordPress site hack comes from outdated software?
You may think “hackers only go after ‘the big guys’, though”. The reality is that hackers can target any website and if your website is out of date, you are especially vulnerable to a hack.
Over 56% of All Hacked Websites Were Out of Date
Sucuri, a large and well-respected security firm, released their 2019 Hacked Website Report. In this report, they noted that in 2019, over 56% of all CMS (WordPress and others) applications were out of date at the point of infection, unchanged from the data seen in 2018.
In other words, outdated software is one of the major causes of a hack. And this does not just apply to your version of WordPress. It is also true of the plugins you are using.
Your Plugins Also Put You At Risk of a Hack
Sucuri stated that “44% of all vulnerable websites had more than one vulnerable software present in the environment”. The most common were Contact Form 7 and Yoast SEO. These plugins are not less secure than others. They just happen to be widely used and websites using them tend to not have the most recent version.
Why Are Outdated Plugins Dangerous?
The developers of plugins and software are regularly updating and improving their products, especially when it comes to security risks. When plugin developers discover a potential risk in their code, they will release an update. When developers do this, they will announce that their software has been updated due to a security risk.
This announcement is important for people using their WordPress software, but it is also a way for hackers to identify vulnerable versions of plugins that they can exploit. Not taking the time to update plugins that have been specifically identified as needing a security update will increase your risk of a hack.
WordPress Isn't The Only Platform At Risk of a Hack
Outdated software is not only an issue for WordPress sites. Drupal, Joomla and Magento are not as widely used as WordPress, but they had higher percentages when it comes to whether they were out of date at the point of infection due to a hack. While WordPress was out of date 49% of the time at the point of infection, Drupal had a percentage of 77%. Joomla and Magento had even higher rates at 87% and 90% respectively.