March 15, 2015

WordPress, originally designed as blogging software, has become one of the most popular free open source website distributions. The ease with which non-technical users with no programming skills can set up professional-looking websites is second to none. It is not surprising that many small to large businesses use WordPress for their web presence.

WordPress has a lot of plugins available, and they can be deployed in minutes: from contact forms to cloud connectors and all the way to payment processing plugins. This is where the problem starts. People writing those plugins just put them online for others to download. Very often their security is weak, because the people who write them have a very limited understanding of secure coding, and loopholes are often introduced.

An insecure WordPress plugin can lead to compromise of the website and sometimes even to a complete server compromise. For those concerned about their WordPress installation, there is an easy-to-use tool available to check WordPress installations for flaws.

You can download it here: http://wpscan.org
