The WordPress content management system is an open-source product which allows you to host an entire website with a complete management interface – this system also allows the operators to install plugins and modules which will provide specific services – for example, people install the Yoast SEO plugin to enhance and improve their SEO on the website.
Now there has been a research which states that there are 3 main WordPress plugins which allow cybercriminals to take advantage of WordPress websites which have the plugins installed.
The plugins which should be avoided are:
The security company Securi stated that these 3 plugins are responsible for 25% of all the known WordPress breaches.
Almost 10% of the compromised WordPress sites that we analyzed had a vulnerable version of RevSlider. When you combine RevSlider, Gravity Forms, and TimThumb,they account for 25% of the total compromised WordPress sites.