WP SECURITY SEP 2021 centralised abuse highlights

WP SECURITY SEP 2021 Centralised Abuse Highlights

BRIEF:

Attack vectors seems to be focused on niche business areas, eshop targeting and personal or private data exfiltration. Highly targeted campaign against frameworks to reach multiple tartgets, eshops, WooCommerce, payment processing and security plugins. Be informed about the WP SECURITY SEP 2021 centralised abuse highlights. As these specific hacking points and vulnerabilities have a severe negative impact on WordPress Security, consider our FREE security AUDIT.

WARNING:

WP SECURITY SEP 2021 centralised abuse highlights reported significant increases on all segments, compared to August 2022 (previous report), which was already pretty bad.

 

 

 

 

CSRF – Cross-Site Request Forgery 2022

• WP SECURITY September 2022 – It is a -42% decrease compared to August 2022. An estimated 192.100+ active WordPress installations were susceptible to CSRF attack types.
• August 2022 – It is a -41.5% decrease compared to July 2022. An estimated 275.000+ active WordPress installations were susceptible to CSRF attack types.
• July 2022 – It is a 253% increase compared to June 2022. An estimated 218.000+ active WordPress installations were susceptible to CSRF attack types.
• June 2022 – It is a 400% increase compared to May 2022. An estimated 2.174.800+ active WordPress installations were susceptible to CSRF attack types.
• May 2022 – It is a -76% decrease compared to April 2022. An estimated 30+ active WordPress installations were susceptible to CSRF attack types.
• April 2022 – It is a -7% decrease compared to March 2022. An estimated 268.000+ active WordPress installations were susceptible to CSRF attack types.
• March 2022 – It is a 7.68% increase compared to February 2022. An estimated 781.000+ active WordPress installations were susceptible to CSRF attack types.
• February 2022 – It is a whopping 1200% increase compared to January 2022. An estimated 2.2+ million active WordPress installations were susceptible to CSRF attack types.
• January 2022 – It is a 75% decrease compared to December 2020. An estimated 40.000+ active WordPress installations were susceptible to CSRF attack types.

XSS – Cross-Site Scripting 2022

• WP SECURITY September 2022 – It is a 52% increase compared to August 2022. An estimated 8.699.000+ active WordPress installations were susceptible to XSS attack types.
• August 2022 – It is a 94% increase compared to July 2022. An estimated 2.596.000+ active WordPress installations were susceptible to XSS attack types.
• July 2022 – It is a 79% increase compared to June 2022. An estimated 3.832.000+ active WordPress installations were susceptible to XSS attack types.
• June 2022 – It is a 59% increase compared to May 2022. An estimated 3.369.200+ active WordPress installations were susceptible to XSS attack types.
• May 2022 – It is a -48% decrease compared to April 2022. An estimated 2.176.000+ active WordPress installations were susceptible to XSS attack types.
• April 2022 – It is a 85% increase compared to March 2022. An estimated 9.989.000+ active WordPress installations were susceptible to XSS attack types.
• March 2022 – It is a 154% increase compared to February 2022. An estimated 6.178.000+ active WordPress installations were susceptible to XSS attack types.
• February 2022 – It is a 57% increase compared to January 2022. An estimated 2.465.600+ active WordPress installations were susceptible to XSS attack types.
• January 2022 – It is a 27% increase compared to December 2020. An estimated 1.690.000+ active WordPress installations were susceptible to XSS attack types.

SQL Injections 2022

• WP SECURITY September 2022 – It is a -15% decrease compared to August 2022. An estimated 49.000+ active WordPress installations were susceptible to SQL injection attack types.
• August 2022 – It is a -28% decrease compared to July 2022. An estimated 5.446.000+ active WordPress installations were susceptible to SQL injection attack types.
• July 2022 – It is a 150% increase compared to June 2022. An estimated 5.346.000+ active WordPress installations were susceptible to SQL injection attack types.
• June 2022 – It is a 25% increase compared to May 2022. An estimated 317.100+ active WordPress installations were susceptible to SQL injection attack types.
• May 2022 – It is exactly a similar trend compared to April 2022. An estimated 50.000+ active WordPress installations were susceptible to SQL injection attack types.
• April 2022 – It is a -83% decrease compared to March 2022. An estimated 50.000+ active WordPress installations were susceptible to SQL injection attack types.
• March 2022 – It is a 50% increase compared to February 2022. An estimated 210.000+ active WordPress installations were susceptible to SQL injection attack types.
• February 2022 – It is a 33% increase compared to January 2022. An estimated 211.000+ active WordPress installations were susceptible to SQL injection attack types.
• January 2022 – It is a 200% increase compared to December 2020. An estimated 623.000+ active WordPress installations were susceptible to SQL injection attack types.

Unrestricted Access Issues 2022

• WP SECURITY September 2022 – It is a 42% increase compared to August 2022. An estimated 2.361.000+ active WordPress installations were susceptible to security circumvention attack types.
• August 2022 – It is a -25% decrease compared to July 2022. An estimated 5.844.000+ active WordPress installations were susceptible to security circumvention attack types.
• July 2022 – It is a 20% increase compared to June 2022. An estimated 1.171.000+ active WordPress installations were susceptible to security circumvention attack types.
• June 2022 – It is a 16% increase compared to May 2022. An estimated 7.654.600+ active WordPress installations were susceptible to security circumvention attack types.
• May 2022 – It is a -28% decrease compared to April 2022. An estimated 4.499.000+ active WordPress installations were susceptible to security circumvention attack types.
• April 2022 – It is a 25% increase compared to March 2022. An estimated 2.630.000+ active WordPress installations were susceptible to security circumvention attack types.
• March 2022 – It is a 55.5% increase compared to February 2022. An estimated 3.061.000+ active WordPress installations were susceptible to security circumvention attack types.
• February 2022 – It is a 339% increase compared to January 2022. An estimated 2.169.000+ active WordPress installations were susceptible to security circumvention attack types.
• January 2022 – It is a 260% increase compared to December 2020. An estimated 493.000+ active WordPress installations were susceptible to security circumvention attack types.

Pharma Hacks 2022

• WP SECURITY September 2022 – It is a -76% decrease compared to August 2022. An estimated 1.149.000+ active WordPress installations were susceptible to pharma hack attack types.
• August 2022 – It is a 114% increase compared to July 2022. An estimated 10.417.000+ active WordPress installations were susceptible to pharma hack attack types.
• July 2022 – It is a 163% increase compared to June 2022. An estimated 1.097.000+ active WordPress installations were susceptible to pharma hack attack types.
• June 2022 – It is a -11% decrease compared to May 2022. An estimated 290.000+ active WordPress installations were susceptible to pharma hack attack types.
• May 2022 – It is a -43.75% decrease compared to April 2022. An estimated 663.000+ active WordPress installations were susceptible to pharma hack attack types.
• April 2022 – It is a 14.5% increase compared to March 2022. An estimated 1.340.000+ active WordPress installations were susceptible to pharma hack attack types.
• March 2022 – It is a 75% increase compared to February 2022. An estimated 504.000+ active WordPress installations were susceptible to pharma hack attack types.
• February 2022 – It is a similar high trend compared to January 2022. An estimated 1.951.000+ active WordPress installations were susceptible to pharma hack attack types.
• January 2022 – It is a 60% increase compared to December 2020. An estimated 5.600.000+ active WordPress installations were susceptible to pharma hack attack types.

Sensitive Data Disclosures 2022

• WP SECURITY September 2022 – It is a -39% decrease compared to August 2022. An estimated 6.561.000+ active WordPress installations were susceptible to data exfiltration attack types.
• August 2022 – It is a 20% increase compared to July 2022. An estimated 626.000+ active WordPress installations were susceptible to data exfiltration attack types.
• July 2022 – It is a 50% increase compared to June 2022. An estimated 807.000+ active WordPress installations were susceptible to data exfiltration attack types.
• June 2022 – It is a 900% increase compared to May 2022. An estimated 410.000+ active WordPress installations were susceptible to data exfiltration attack types.
• May 2022 – It is a -85% decrease compared to April 2022. An estimated 200.000+ active WordPress installations were susceptible to data exfiltration attack types.
• April 2022 – It is a 40% increase compared to March 2022. An estimated 370.000+ active WordPress installations were susceptible to data exfiltration attack types.
• March 2022 – It is a 28% decrease compared to February 2022. An estimated 113.000+ active WordPress installations were susceptible to data exfiltration attack types.
• February 2022 – It is a 133% increase compared to January 2022. An estimated 1.121.000+ active WordPress installations were susceptible to data exfiltration attack types.
• January 2022 – It is a 50% increase compared to December 2020. An estimated 114.000+ active WordPress installations were susceptible to data exfiltration attack types.

WP Core Vulnerability 2022

• September 2022 – 3 new WP Core Vulnerabilities reported in September. An estimated 42.9% of the ENTIRE INTERNET were susceptible and exposed to publicly reported vulnerability.
• May 2022 – 1 new WP Core Vulnerabilities reported in April. An estimated 41.7% of the ENTIRE INTERNET were susceptible and exposed to publicly reported vulnerability.
• April 2022 – 2 new WP Core Vulnerabilities reported in April. An estimated 41% of the ENTIRE INTERNET were susceptible and exposed to publicly reported vulnerability.

WP themes vulnerability 2022

• September 2022 – 3 WP Theme vulnerabilities reported in September. It is a -50% decrease compared to July 2022.
• July 2022 – 6 WP Theme vulnerabilities reported in June. It is exactly a similar trend compared to June 2022.
• June 2022 – 6 WP Theme vulnerabilities reported in June. It is a -33% decrease compared to May 2022.
• May 2022 – 9 WP Theme vulnerabilities reported in May. It is a -30% decrease compared to April 2022.
• April 2022 – 13 WP Theme vulnerabilities reported in April.

Blacklisted/CLOSED WP PLUGINS 2022

• WP SECURITY September 2022 – 84 Blacklisted/CLOSED WP PLUGINS reported in September. It is a 32% increase compared to August 2022.
• August 2022 – 64 Blacklisted/CLOSED WP PLUGINS reported in July. It is a 20.7% increase compared to July 2022.
• July 2022 – 53 Blacklisted/CLOSED WP PLUGINS reported in June. It is a 382% increase compared to June 2022.
• June 2022 – 11 Blacklisted/CLOSED WP PLUGINS reported in June. It is exactly a similar trend compared to May 2022.
• May 2022 – 11 Blacklisted/CLOSED WP PLUGINS reported in May.