WordPress Vulnerabilities


That little fox you see above…just think of him as the sneaky, malicious hackers that are trying to get into your website to wreak havoc.

You’ve heard us say it here, and you will probably hear us say it again at some future date beyond today: keeping your WordPress installation and plugins up to date is a critical part of owning and maintaining your website.

WordPress accounts for 23.8% of all websites on the web – a massive number indeed – and being the most popular content management system comes with some pluses and minuses. You’re already well aware of many of the pluses: a slick content management system that is easy to use, a great blogging platform with a wide variety of free and proprietary plugins, and a wide umbrella of knowledgeable WordPress experts for site upgrades and support.

Then there is a minus: being the most popular CMS on the web puts a gigantic target right on the, figuratively speaking, WordPress forehead.

Beginning in March, a number of WordPress plugin and WordPress core vulnerabilities have come to light.  The ever popular Google Analytics by Yoast (7 million plus downloads) was discovered to have two vulnerabilities that could potentially allow an attacker to infiltrate a WordPress site. If successful, an intruder would be able to  change the  administrator password, create admin accounts, and basically do whatever they pleased with your website.

You can read more about those vulnerabilities here, and here.

As recently as yesterday, WordPress issued a core update to address newly discovered vulnerabilities with the WordPress commenting system.  This core vulnerability affects WordPress versions 3.9.3, 4.1.1, 4.1.2, and 4.2. The vulnerability is a Cross-Site Scripting (XSS) flaw within the commenting system and can once again allow havoc and destruction to be unleashed upon your site should you be compromised. You can read more about that issue here.

Obviously, if you’re not up to date on your installation and plugins now is the time!

ABD Web Design understands that you are busy. You are running a business and handling a multitude of tasks already. The last thing your schedule needs is the addition of another hour or more spent backing up your site, updating your WordPress installation, and updating your plugins. You most certainly do not have time for a website that has been destroyed by a hacker.

Did I mention that we have a solution for that?

ABD Web Design WordPress Updates and Security Subscription

Security is an issue we all have to stay on top of. It’s an unfortunate reality that malicious hackers are on the rise and will work relentlessly to infiltrate your website.  There is nothing more upsetting and disruptive than to discover that your website has been compromised by a malicious entity.  The outcomes can be catastrophic most especially if you haven’t employed good security practices like regular backups and site updates.

For $30 dollars a month ABD Web Design can manage your WordPress site updates and security for you.  We will start out by installing and configuring a suite of recommended security plugins. Then, every three months we will:

  • Backup all your files and your database
  • Update WordPress to the latest version
  • Update all of your WordPress plugins
  • Resolve any compatibility issues
  • Check/update your security settings

In between scheduled updates, if a new vulnerability or critical fix comes out (like these!), you’ll get priority and we’ll update your site right away!

If you ever do get a security breach we’ll fix your site at no additional cost (anything up to 3 hours).

You can sign up for this at  ABD Web Design WordPress Updates and Security Subscription.

The Take Away

As you can see by the above, keeping your site secure is an ongoing process of the utmost importance. Give yourself piece of mind with the ABD Web Design WordPress Updates and Security Subscription and get back to your business. ABD Web Design is here to keep your site secure and up-to-date.  Read more and subscribe here:  ABD Web Design WordPress Updates and Security Subscription.