Which CMS were the most vulnerable in 2022?
Posted: Wed Dec 04, 2024 8:50 am
CMS are more or less vulnerable and subject to malicious operations that can compromise the functioning of websites.
An analysis of web threats, with particular attention to CMS, was conducted by Sucuri , a leading company in the cybersecurity sector. The report describes in detail the trends and types of cyber iran telegram phone number list that most frequently affected CMS in 2022.
Table of Contents:
The most vulnerable CMS
Most frequent infections in 2022
Cyber Attacks: Some Data on 2022
The most vulnerable CMS
The study found that 50.58% of all CMS applications were out of date at the time of infection. This is largely due to a lack of CMS updates. Specifically, 49.8% of WordPress installations were out of date, and 36% of all compromised websites included at least 1 vulnerable plugin or theme. This data highlights the importance of updating and applying security patches when available, mitigating the risk of bugs and reducing the attack surface.
The data revealed that WordPress, by far the most popular CMS, accounted for 96.2% of infections in 2022. Joomla (1.9%) and Magento (0.7%) followed. However, the automatic update introduced by WordPress had a benign effect.
Most frequent infections in 2022
Throughout 2022, the malware operated by injecting malicious JavaScript and PHP scripts to redirect visitors to scam or spam websites, steal login credentials, or deliver drive-by downloads.
For example, in 2022 alone, over 141,000 websites scanned by SiteCheck were found to be infected with malicious variants of a campaign targeting vulnerable WordPress components. SocGholish has also been successful: Also known as a “fake browser update” infection, once this malware inserts itself into compromised sites, users visiting the pages will be greeted with a believable browser update prompt that will result in a malicious drive-by download.
Unsuspecting users who download these files are unknowingly opening the door to a Trojan that will be used to carry out a ransomware attack.
An analysis of web threats, with particular attention to CMS, was conducted by Sucuri , a leading company in the cybersecurity sector. The report describes in detail the trends and types of cyber iran telegram phone number list that most frequently affected CMS in 2022.
Table of Contents:
The most vulnerable CMS
Most frequent infections in 2022
Cyber Attacks: Some Data on 2022
The most vulnerable CMS
The study found that 50.58% of all CMS applications were out of date at the time of infection. This is largely due to a lack of CMS updates. Specifically, 49.8% of WordPress installations were out of date, and 36% of all compromised websites included at least 1 vulnerable plugin or theme. This data highlights the importance of updating and applying security patches when available, mitigating the risk of bugs and reducing the attack surface.
The data revealed that WordPress, by far the most popular CMS, accounted for 96.2% of infections in 2022. Joomla (1.9%) and Magento (0.7%) followed. However, the automatic update introduced by WordPress had a benign effect.
Most frequent infections in 2022
Throughout 2022, the malware operated by injecting malicious JavaScript and PHP scripts to redirect visitors to scam or spam websites, steal login credentials, or deliver drive-by downloads.
For example, in 2022 alone, over 141,000 websites scanned by SiteCheck were found to be infected with malicious variants of a campaign targeting vulnerable WordPress components. SocGholish has also been successful: Also known as a “fake browser update” infection, once this malware inserts itself into compromised sites, users visiting the pages will be greeted with a believable browser update prompt that will result in a malicious drive-by download.
Unsuspecting users who download these files are unknowingly opening the door to a Trojan that will be used to carry out a ransomware attack.