According to the detailed study report of a concentrated research, about seven out of ten WordPress e-Commerce plug-ins are vulnerable and easier to hack. For the first time, such comprehensive survey has been conducted in order to test the security of WordPress leading plug-ins. Hackers and third parties can easily exploit such vulnerable applications to access such sensitive data including financial details, health records and personally identifiable information. Other flaws allow them to redirect the websites to other attacker controlled sites. No matter, whether it is a WordPress based website for a small business or a bigger enterprise, here enlists is the steps what you can do.
- Download plug-ins only from authentic and reliable sources. WordPress.org is the one that you can trust on for downloading plug-ins that are not vulnerable and easy to attack ones to be used by hackers and external parties.
- Always evaluate and verify the security phrase of the plug-ins by scanning them rigorously for security and safety measures.
- Make sure whether your plug-ins is up to date or not. Never ignore or avoid notification emails or reminders related to your plug-in versions. There are third party services available that provide plug-in update notification service along with the management offering.
- Remove if there are any unused plug-ins. The code of unused and old plug-ins remains on the server no matter whether links are active or inactive. Schedule plug-ins cleaning as an integral part of your WordPress website admin activities.