Third-party WordPress plugins, extremely popular among millions of WordPress users, leave the door open for cybercriminals to exploit threats. Unfortunately, many people install new plugins and simply leave them be - without installing updates or ensuring security protocols are met - and that makes it even easier to compromise websites, databases, and users.
"WordPress is extremely powerful, and while the popularity creates a lot of opportunities for development, it also attracts hackers,"said Tony Baker, Internet Assure director, in a press statement. "There are thousands of extremely popular plugins that create vulnerabilities within these sites, and quite frankly, most WordPress self-hosted websites are set up without any thought to security."
As security becomes significantly more important for WordPress websites, vulnerabilities and code exploits will remain major security concerns. It's recommended for inexperienced website owners to rely on GoDaddy, BlueHost, Site5, and established hosting services to help host the site, as they have internal security protocols in place to keep track of security threats.