The total number of vulnerabilities in Web applications reported by researchers jumped to 17,142 in 2018, climbing more than 21% compared to the previous year and driven in part by the large number of flaws found in Web applications and application programming interfaces.
Popular content management system (CMS) WordPress had the most reported vulnerabilities, with 542. WordPress has a large ecosystem that includes more than 54,000 plug-ins: those same third-party plugins accounted for almost all—98%—of the Web security issues found by researchers last year, according to Web security firm Imperva, which published its findings in a report this week.
That popularity and extensibility makes WordPress popular with Web developers but also with online attackers, says Nadav Avital, research manager for threat analytics at Imperva.
Leave a reply