WordPress Plugins Are Responsible for 98% of All The Vulnerabilities Found In WordPress

Read the Story

Show Top Comments

wordpress vulnerabilities come from the fact that wordpress on its own doesn’t do anything particularly useful so there’s an enormous ecosystem of badly-written PHP (but I repeat myself) plugins to give it functionality? Wow! very surprising conclusion!


Obviously. No?


To be fair, 98% of all WordPress functionality exists through plugins.


So… A shitty API or what? If security has to be handled by a plugin I can’t imagine the product is doing very much of the heavy lifting.


Is it even worth the hassle to use WordPress in anything above personal use? I’m learning HTMl, CSS and JavaScript at the moment, and the more I learn, the less I’m liking WordPress all together. I just feel like if you’re gonna build a commercial website, you should probably use commercial software or write your own website. Genuinely asking what people think of WordPress for business?