Topic: `security-vulnerabilities`

10 entries tagged security-vulnerabilities.

Rules (1)

ruleRULE: Plugin count is the WordPress security surface. Audit quarterly; one-in, one-out rule.

Reference entries (9)

referenceOPC vs Brinks Home (PIPEDA Findings #2024-002, Mar 28 2024): inadequate safeguards left customer data accessible for 10 weeks
referenceBricks CVE-2024-25600: unauthenticated RCE (CVSS 10) — exploited in the wild ~24 hours after patch release
referenceDrupal 7 EOL January 5, 2025 — ~291,386 sites still on D7 in Sept 2024; migration is effectively a rebuild
referenceVerizon DBIR 2025: 88% of SMB breaches involved ransomware vs 39% of enterprise; median ransom $115k
referenceSucuri 2023: 39.1% of CMS apps outdated at point of infection (down from 50.58% in 2022)
referenceWordfence 2024: 54 billion malicious requests blocked, ~325-350k sites infected on any given day
referencePatchstack 2024: 1,614 plugins and themes removed from .org repo for unpatched security issues
referencePatchstack 2024: 4,166 new vulnerabilities, 96% in plugins, 4% in themes, only 7 in core
referenceResearch brief: Built to Last — why most SMB sites rebuild every 3-4 years (piece 5 of 15)