5 Companies That Dropped The Ball This Week

Email this CRN article

Popular WordPress E-Commerce Plugins Riddled With Security Flaws

WordPress, the popular blogging and content management application, has spurred growth of a significant market of plug-in applications. But this week the Israeli application security firm Checkmarx warned that many of those plug-ins are riddled with security vulnerabilities.

Some 60 million websites are built using WordPress. Checkmarx said seven of the 10 most popular plug-ins developed by third-party companies contained vulnerabilities, including SQL injection errors and cross-site scripting flaws that attackers could use to gain access to a hosting server and other WordPress sites hosted on the same server.

To be clear, these plug-ins aren't developed by WordPress. But other vendors, Apple being one example, make some effort to police the third-party software being offered for their platforms. Many of these plug-ins are available through the WordPress.org website. WordPress should step in and do the same to protect the WordPress community.


Email this CRN article

Get the latest channel news to your inbox every morning with the CRN Daily newsletter.