Subscribe
Join 40,000+ sales and marketing pros who receive our 4x a week insights, tips, and best practices.
Thank you! You have been subscribed.

Free Assessment: Website Performance Assessment

Start the Assessment
... Inbound Marketing Web Design
Close
website performance assessment start

Free Assessment:

Website Performance Assessment
Start the Assessment
Website Performance Assessment
Free Website Course
View Website Performance Assessment
website performance assessment start

Free Assessment:

Does your website build trust with buyers and bring in revenue?

Take this free 10 question assessment and learn how your website can start living up to its potential.

These 8 WordPress plugins are most vulnerable to hackers in 2020

By Marc Amigone

Marc Amigone also recommends this free website performance assessment.

These 8 WordPress plugins are most vulnerable to hackers in 2020

According to a report from ZDNet, February 2020 saw a noticeable increase in hacking attempts on WordPress websites.

Given WordPress’ ubiquitous presence across the internet (36% of all websites are built on WordPress according to W3Techs), hackers have lots of opportunities to exploit weaknesses and extract valuable information.

Free Assessment: Website Performance Assessment

Being an open-source system, WordPress always has and always will be vulnerable to these types of incidents. It’s the ultimate trade-off of a system designed to open itself to developers and users all over the world with a very low barrier of entry. 

Individuals and businesses can build a robust website on the WordPress platform and utilize plugins developed for a wide variety of purposes, but maintaining those websites and especially the plugins is a labor-intensive, yet critically important, task.

So how do you know if your website is vulnerable to attack based off this information? It’s never a bad time to go into your WordPress setup and make sure all of your plugins are up to date — and if you’re not using a secure hosting platform like WP Engine, it’s also not a bad time to look into it. 

WordPress plugins most at risk

ZDNet focused its report on eight popular plugins that are providing hackers the most opportunities; so if any of these are installed on your website, stop what you’re doing and go update them:

Duplicator (1 million+ installs)

Duplicator successfully gives WordPress users the ability to migrate, copy, move, or clone a site from one location to another, and also serves as a simple backup utility.

Duplicator handles serialized and base64 serialized replacements. Standard WordPress migration and WordPress backups are easily handled by this plugin as are zero downtime migrations.

ThemeGrill Demo Importer (200,000 installs)

ThemeGrill Demo Importer allows users to import ThemeGrill official themes demo content, widgets, and theme settings with just one click.

Profile Builder Plugin (65,000 installs)

A plugin that generates shortcodes for creating front-end login, user registration, and edits profile forms making the process simpler and easier for end-users.

Flexible Checkout Fields for WooCommerce (20,000 installs)

With this plugin, you can edit the default WooCommerce checkout fields (change labels, hide, and delete) or add your own.

ThemeREX Add-ons

If you’re using a ThemeREX theme, check out any add-ons or plugins you’ve installed to make sure they’re up to date.

Async JavaScript (100K installs)

This plugin allows you to control when JavaScript loads or doesn’t load on your pages to protect load times and increase site performance.

10Web Map Builder for Google Maps (20k installs)

10Web Map Builder for Google Maps allows users to add unlimited maps to their website.

Modern Events Calendar Lite (40k installs)

Modern Events Calendar is an events management plugin used for displaying events calendars on websites.

WordPress site security

At IMPACT, we often recommend the HubSpot CMS to our clients to avoid vulnerabilities created by WordPress plugins. That being said, HubSpot isn’t a viable option for every business’ CMS, so we develop dozens of websites on WordPress each year as well.

For any website we build on WordPress, we stipulate that our clients have to use WP Engine as their hosting platform to protect against attacks.

WP Engine offers security features such as monitoring plugins, ensuring any that are out of date are updated and notifying their customers of vulnerabilities as they emerge.

It’s never a bad time to do an analysis of your website’s security, whether you use WordPress or not. The internet can be a dangerous place, so following best practices to protect your business’ data is never a bad idea.

website performance assessment start

Free Assessment:

Website Performance Assessment
Start the Assessment
website performance assessment start
website performance assessment start

Free Assessment:

Website Performance Assessment

Does your website build trust with buyers and bring in revenue?

Take this free 10 question assessment and learn how your website can start living up to its potential.

Topics:

Web Design
News
Published on March 9, 2020

Recent Articles

5 Prep Secrets for a Smoother, More Successful Website Project Plan (+ Infographic)
May 16, 2022 • 8 min read
8 Best Content Management Systems for Digital Marketing in 2022
March 22, 2022 • 9 min read
How Much Does a Website Design or Redesign Cost in 2022?
March 8, 2022 • 9 min read
Website Redesign Checklist: The 12 Crucial Steps You Need To Be Successful
February 22, 2022 • 17 min read
Your 2022 Website Strategy Must Include These 6 Things
February 15, 2022 • 9 min read
11 Pricing Page Examples for Business Websites (Updated for 2022)
January 18, 2022 • 10 min read
8 Crucial Elements Every Homepage Design Should Have [+Video]
January 15, 2022 • 6 min read
What Does a Great Inbound Marketing Website Look Like in 2022?
January 10, 2022 • 11 min read
What Makes a Good Website Design? 7 Award-Winning Examples To Be Inspired By
December 18, 2021 • 9 min read
What Is a Learning Center and Why Does My Website Need One?
November 22, 2021 • 6 min read
7 Self-Service Tools on Business Websites to be Inspired By
September 29, 2021 • 7 min read
Google Shares New Tools to Audit Website User Experience
August 12, 2021 • 3 min read
New HubSpot CMS Hub Starter Tier Released for Growing Businesses
August 6, 2021 • 4 min read
ICYMI: Digital Marketing News Update for July 26, 2021
July 26, 2021 • 6 min read
ICYMI: Digital Marketing News Update for July 19, 2021
July 19, 2021 • 6 min read
What the Heck is Going on With All the Google Updates? (Content Lab, Ep. 54)
July 15, 2021 • 1 min read
8 Best Business Website Designs (Updated for 2022)
July 15, 2021 • 5 min read
ICYMI: Digital marketing news update for July 12, 2021
July 12, 2021 • 5 min read
Too many internal links in content can confuse Google about site structure
July 9, 2021 • 5 min read
Google July 2021 core update rolling out over next 2 weeks
July 2, 2021 • 4 min read
6 tips for building a great diversity and inclusion page (+examples)
June 29, 2021 • 7 min read
Google punts third-party cookie ban to 2023 for 'responsible planning'
June 25, 2021 • 6 min read
8 types of website performance metrics you should look at on a monthly basis
June 24, 2021 • 11 min read
Finally, Google page experience core update is rolling out
June 18, 2021 • 3 min read
8 Business Blog Design Examples That Keep Readers Engaged
June 16, 2021 • 6 min read