Wordfence: Hackers exploit plug-ins most often
From Wordfence, a remarkable statistical analysis of how hackers gain control of WordPress sites.
As you can see, password theft is a distant 8th place. Exploiting plug-ins provides the most-often-used pathway into a Web site for hackers. According to Wordfence’s blog, there are three ways you can protect yourself:
- Keep your plug-ins updated
- Don’t use abandoned plug-ins
- Only use a plug-in downloaded from a reputable source.
For more information, and to learn more about the #2 threat, brute-force attacks, read the entire post.