Matthias Rebbe wrote:
> One problem i see with WordPress is, that its popularity make it a
> popular target for hackers.
Any sufficiently popular system will be *targeted* by hackers. The
question is: how many result in a successful exploit?
Aiming for a target and actually hitting it are usually very different
I subscribe to a few security newsletters (I've found O'Reilly's
particularly worthwhile), and CVEs against WP seem reasonably rare the
days, with quickly deployed updates to counter them. I see CVEs against
every OS far more regularly. While there was a spate of PHP issues just
after the turn of the century, in recent years we don't even see much
people (every web browser).
Popularity may guide hacks, but with WP it's also a very strong plus:
the ecosystem of plugins and themes is vast. And even on the security
side, its popularity is useful by providing more eyeballs reviewing and
Overall, I'd say WP is no less safe than just about any alternative,
provided you do the basic stuff any system requires: automate security
updates, use only the latest release version, use strong and unique
passwords, always use HTTPS (Let's Encypt now makes that both free and
Ass we've seen with most exploits, those involving WP sites were usually
running outdated versions, or had weak passwords, or some other
easily-avoidable weakness unrelated to the system itself.
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web
use-livecode mailing list
Please visit this url to subscribe, unsubscribe and manage your subscription