How the Latest WordPress Security Issue Is Impacting Enterprises

Mehdi Karimi, Ph. D.

Enterprise organizations need to prioritize security for their business-critical software, and this includes their content management system. Since content experiences drive business success in today’s digital era, companies can’t afford to have a CMS security issue that causes their website to go down or leaks customer data.

While a security breach can lead to a loss of sensitive data or intellectual property, it can also negatively impact a company’s reputation and customer trust. For example, the latest WordPress security issue has sparked many questions around the security of the CMS platform as well as the websites that have chosen to rely on it.

What is the WordPress Mass Infection?

In recent months, nearly 11,000 websites powered by the WordPress platform have been infected with malware. This malware redirects visitors to different low-quality sites to gain fraudulent views of ads from Google AdSense. The scam is currently aimed at earning ad revenue by generating organic-looking traffic to landing pages, but the malware could also be used for more malicious behavior in the future.

Once a site has been infected with the malware, it’s very difficult to disinfect it. An obfuscated PHP script is hidden within legitimate WordPress files and acts as a backdoor that can easily reinfect a website. Sucuri, the security firm that discovered the mass infection, has offered guidance for removing malware and cleaning a hacked WordPress site.

WordPress Doesn’t Have Enterprise-Grade Security

While it’s not currently clear how sites are becoming infected with this latest malware attack, it’s also not the first time WordPress has been impacted by security issues. In fact, the most common method for WordPress security breaches in the past has been to exploit outdated and vulnerable plugins. 

Last year, researchers at Georgia Institute of Technology discovered more than 47,000 malicious plugins installed on 25,000 different WordPress sites. Many of these plugins were installed from legitimate marketplaces, like the Ninja Forms plugin, which had a critical vulnerability that potentially impacted nearly one million WordPress sites. Some malicious actors also buy the codebases of popular free plugins, add malicious code to them, and then wait for WordPress users to apply automatic updates.

The problem is that WordPress is the most widely used CMS on the web, making the platform an enticing target for attackers. Many malicious actors use exploit kits and automated tools that help them scan WordPress sites to find known vulnerabilities and exploit them. These vulnerabilities mostly exist in third-party plugins and themes, but even outdated CMS core code itself can contain security issues.

WordPress VIP aims to deliver an enterprise-grade CMS experience, but the platform is still plagued with vulnerabilities that stem from outdated plugins and its legacy architecture. Many companies find it difficult to keep the CMS and all its extensions up to date, which leaves them exposed to unauthorized access, malware, skimming, SQL injections, and other cyber threats.

Enterprises Need a Truly Secure CMS Solution

Cyberthreats are only going to continue, so enterprises need to look for a CMS that prioritizes security. At dotCMS, we’re committed to providing the highest level of security for our CMS platform and customer sites. This includes compliance with security and data privacy regulations like GDPR, as well as compliance certifications like SOC 2.

dotCMS Cloud provides seamless core upgrades and the automated roll-out of security fixes as soon as they become available, preventing outdated software from introducing security vulnerabilities. The platform also comes with a native web application firewall (WAF) to filter out malicious traffic before it reaches dotCMS servers. These robust security features, along with the headless architecture of dotCMS Cloud, provide greater protection against common cyber threats.

In addition, dotCDN is a content delivery network (CDN) that helps you bring your content closer to users while protecting against cyber threats. For example, the secure CDN prevents distributed denial of service (DDoS) attacks, where malicious actors flood a website with excessive traffic to prevent legitimate users from visiting. The CDN also includes real-time monitoring, geo-fencing, and edge rules to block anomalous or undesired traffic.

Altogether, both dotCMS solutions provide the security features enterprises need to protect their websites and content from the cyber threats that have been impacting WordPress users. Learn more about security at dotCMS and consider adopting a truly secure CMS solution that fits into your broader enterprise cybersecurity strategy.

Image Credit: Fikret tozak
Mehdi Karimi, Ph. D.
Director of Cyber Security
March 07, 2023
