Indeed, majority of vulnerabilities originate from the plugins and themes. On average a WordPress website has like 18 plugins installed - 42% of those sites have at least one of those plugins with a known security vulnerability. If you look at critical security vulnerabilities found in plugins in 2021, you see that 29% of those didn't even receive a patch from the original developer. That means users who use those plugins never become aware of security issue in the plugin and WordPress just showed that the plugin is "up to date". The fact that there is 150% more vulnerabilities identified in 2021 compared to 2020 is actually a good sign - it means that there is more attention to security and more issues are being fixed.
Patchstack.com | Laravel/Vue Developer (Full-Stack) | FULL-REMOTE | EU Timezone
We provide a tool for developers to automatically protect websites from third-party library/plugin vulnerabilities by powering community driven security research through a gamified bug hunting platform.
Patchstack is the winner of 2021 Global Infosec Awards in two categories - Open Source Security and Web Application Security.
We're looking for a team player who has years of development experience and is product minded. You can help us build both the front-end and the backend of our products. We also give a lot of flexibility and opportunities for work related responsibilities, self-development and for your free time.
We are not looking for staff augmentation, agencies or freelancers. We're looking for a full-time team member who can grow with the rest of the team.
Interested? Reach out to oliver.sild@patchstack.com
