WordPress has experienced exponential growth in the past several years and as a result has seen an increase in developers contributing to WordPress. With that growth, WordPress has seen an increase in attackers looking for vulnerabilities in WordPress plugins and themes to exploit.
|Moments ago, the Wordfence Threat Intelligence Team published a white paper covering the most common WordPress vulnerabilities that we find introduced in plugins and themes, along with recommendations as to how these vulnerabilities can be remediated and avoided.
We hope that this will serve as a guide to all WordPress developers, both new and established, and to all security researchers hoping to make the WordPress Plugin and Theme ecosystem more secure with their research.
You can download the paper on this post.