Wednesday, June 19, 2013

TECH NEWS: Using WordPress For Your Site? Hackers Find WordPress Easy Pickings!

WordPress -- one of the most widely used tools on the Internet -- is rife with vulnerabilities to hack attacks. The problem lies mainly with the plug-ins. No less than 30 percent of the top 50 WordPress plug-ins were found to have one or more critical flaws, according to a recent study by Checkmarx. The results were shocking, said founder and CTO Maty Siman.

Checkmarx is releasing a study Tuesday on vulnerabilities in WordPress plug-ins. The task was daunting, Siman confessed. Six months ago, the company started scanning just the top 50 WordPress plug-ins.

"We were overwhelmed by the sheer amount of results," Siman said.

So the researchers limited themselves to the five most critical vulnerabilities -- SQL injection, cross-site scripting, cross-site request forgery, file inclusion and path traversal.

"Once we limited ourselves to those vulnerabilities, the results were more meaningful -- yet shocking," Siman said. "We found that 30 percent of the top 50 plug-ins were found to be vulnerable to at least one of the vulnerabilities."

With numbers like that, it's no wonder hackers are paying more attention to WordPress.

"They've found it's relatively easy to hack WordPress," Siman observed, "and the benefit of hacking such a website is huge, because once you find a vulnerability, you can hack into millions of websites."
