Back to Learning Center
Subscribe
Join 40,000+ sales and marketing pros who receive our weekly insights, tips, and best practices.
Thank you! You have been subscribed.
Learning Center
Learning Center
Close
The IMPACT Learning Center

Free resources to help you master inbound marketing and They Ask, You Answer

Access the Learning Center

Access the Learning Center

Access the Learning Center
learning_center_grey__What is They Ask, You Answer-v2-black

What is They Ask, You Answer

What is <span>They Ask, You Answer</span>
Articles, Podcasts, & Updates

Articles, Podcasts, & Updates

Articles, Podcasts, <span>& Updates</span>
Free Courses & Certifications

Free Courses & Certifications

Free Courses & <span>Certifications</span>
On-Demand Keynotes & Sessions

On-Demand Keynotes & Sessions

On-Demand <span>Keynotes & Sessions</span>
Events
Events
Close
IMPACT+ Membership
IMPACT+ Membership
Close
Services
Services
Close
Navigation_8_2021_taya

They Ask, You Answer Coaching & Training

They Ask, You Answer Coaching & Training
They Ask, You Answer Workshop

They Ask, You Answer Workshop

They Ask, You Answer Workshop
Navigation_8_2021_workshop

Inbound Marketing Services

Inbound Marketing Services
Navigation_8_2021_website design - monitor

Website Design & Development

Website Design & Development
Navigation_8_2021_hubspot implementation

HubSpot Training & Implementation

HubSpot Training & Implementation
Navigation_8_2021_virtual selling

Virtual Sales
Training

Virtual Sales <br>Training
Navigation_8_2021_swell - paid ads

Paid Search & Social Services

Paid Search & Social Services
Become a Certified Coach
Become a Certified Coach
Close
News

These 8 WordPress plugins are most vulnerable to hackers in 2020

By Marc Amigone

These 8 WordPress plugins are most vulnerable to hackers in 2020 Blog Feature

According to a report from ZDNet, February 2020 saw a noticeable increase in hacking attempts on WordPress websites.

Given WordPress’ ubiquitous presence across the internet (36% of all websites are built on WordPress according to W3Techs), hackers have lots of opportunities to exploit weaknesses and extract valuable information.

Being an open-source system, WordPress always has and always will be vulnerable to these types of incidents. It’s the ultimate trade-off of a system designed to open itself to developers and users all over the world with a very low barrier of entry. 

Individuals and businesses can build a robust website on the WordPress platform and utilize plugins developed for a wide variety of purposes, but maintaining those websites and especially the plugins is a labor-intensive, yet critically important, task.

So how do you know if your website is vulnerable to attack based off this information? It’s never a bad time to go into your WordPress setup and make sure all of your plugins are up to date — and if you’re not using a secure hosting platform like WP Engine, it’s also not a bad time to look into it. 

WordPress plugins most at risk

ZDNet focused its report on eight popular plugins that are providing hackers the most opportunities; so if any of these are installed on your website, stop what you’re doing and go update them:

Duplicator (1 million+ installs)

Duplicator successfully gives WordPress users the ability to migrate, copy, move, or clone a site from one location to another, and also serves as a simple backup utility.

Duplicator handles serialized and base64 serialized replacements. Standard WordPress migration and WordPress backups are easily handled by this plugin as are zero downtime migrations.

ThemeGrill Demo Importer (200,000 installs)

ThemeGrill Demo Importer allows users to import ThemeGrill official themes demo content, widgets, and theme settings with just one click.

Profile Builder Plugin (65,000 installs)

A plugin that generates shortcodes for creating front-end login, user registration, and edits profile forms making the process simpler and easier for end-users.

Flexible Checkout Fields for WooCommerce (20,000 installs)

With this plugin, you can edit the default WooCommerce checkout fields (change labels, hide, and delete) or add your own.

ThemeREX Add-ons

If you’re using a ThemeREX theme, check out any add-ons or plugins you’ve installed to make sure they’re up to date.

Async JavaScript (100K installs)

This plugin allows you to control when JavaScript loads or doesn’t load on your pages to protect load times and increase site performance.

10Web Map Builder for Google Maps (20k installs)

10Web Map Builder for Google Maps allows users to add unlimited maps to their website.

Modern Events Calendar Lite (40k installs)

Modern Events Calendar is an events management plugin used for displaying events calendars on websites.

WordPress site security

At IMPACT, we often recommend the HubSpot CMS to our clients to avoid vulnerabilities created by WordPress plugins. That being said, HubSpot isn’t a viable option for every business’ CMS, so we develop dozens of websites on WordPress each year as well.

For any website we build on WordPress, we stipulate that our clients have to use WP Engine as their hosting platform to protect against attacks.

WP Engine offers security features such as monitoring plugins, ensuring any that are out of date are updated and notifying their customers of vulnerabilities as they emerge.

It’s never a bad time to do an analysis of your website’s security, whether you use WordPress or not. The internet can be a dangerous place, so following best practices to protect your business’ data is never a bad idea.

Topics:

News
WordPress
Published on March 9, 2020

Recent Articles

Drift report on pandemic fallout reveals seismic shift in marketing strategy

By Paul D. Grant on September 9, 2021
2 min read

Google shares new tools to audit website user experience

By Paul D. Grant on August 12, 2021
3 min read

Google: Website content quality more important than quantity

By Paul D. Grant on August 10, 2021
3 min read

New HubSpot CMS Hub starter tier released for growing businesses

By Paul D. Grant on August 6, 2021
4 min read

Why most marketing 'news' doesn't matter to inbound marketers

By Liz Moorehead on August 3, 2021
4 min read

Gartner: Slashed 2021 marketing budgets increases in-house ownership

By Liz Moorehead on July 30, 2021
6 min read

ICYMI: Digital marketing news update for July 26, 2021

By Liz Moorehead on July 26, 2021
6 min read

How to optimize videos on your business website for search

By Liz Moorehead on July 23, 2021
4 min read

Data: 'Funny' seniors imagery is not only demeaning, it's inaccurate

By Liz Moorehead on July 21, 2021
4 min read

ICYMI: Digital marketing news update for July 19, 2021

By Liz Moorehead on July 19, 2021
6 min read

Google: 'Here's how to prepare for the future private web'

By Liz Moorehead on July 16, 2021
4 min read

How Facebook's news feed algorithm works and prioritizes content

By Liz Moorehead on July 14, 2021
4 min read

ICYMI: Digital marketing news update for July 12, 2021

By Liz Moorehead on July 12, 2021
5 min read

Too many internal links in content can confuse Google about site structure

By Liz Moorehead on July 9, 2021
5 min read

Data: Facebook is No. 1 in revenue value for publishers, Twitter is a bust

By Liz Moorehead on July 7, 2021
4 min read

ICYMI: Digital marketing news update for July 6, 2021

By Liz Moorehead on July 6, 2021
5 min read

Google July 2021 core update rolling out over next 2 weeks

By Liz Moorehead on July 2, 2021
4 min read

ICYMI: Digital marketing news update for June 28, 2021

By Liz Moorehead on June 28, 2021
6 min read

Google punts third-party cookie ban to 2023 for 'responsible planning'

By Liz Moorehead on June 25, 2021
6 min read

ICYMI: Digital marketing news update for June 21, 2021

By Liz Moorehead on June 21, 2021
5 min read

Finally, Google page experience core update is rolling out

By Liz Moorehead on June 18, 2021
3 min read

Apple Mail privacy news spooks email marketers, newsletter creators

By Liz Moorehead on June 16, 2021
4 min read

ICYMI: Digital marketing news update for June 14, 2021

By Liz Moorehead on June 14, 2021
6 min read

ICYMI: Digital marketing news update for June 7, 2021

By Liz Moorehead on June 7, 2021
6 min read

Google June 2021 core update live, July core update coming

By Liz Moorehead on June 4, 2021
3 min read