It has been analysed that about twelve of the most reckoned WordPress plug-ins are having un-patched risks and flaws with them. In fact, such vulnerabilities are founded in the most downloaded and easily available plug-ins that could really let attackers to compromise websites. Irrespective of regular updates, developers have failed to fix such bugs.
Read full story on the same at http://www.scmagazine.com.au/News/347559,holes-found-in-most-popular-wordpress-plugins.aspx.