How Attackers Gain Access to WordPress Sites [↗]
Plugins play a big part in making WordPress as popular as it is today. As of this writing there are 43,719 plugins available for download in the official WordPress plugin directory. That is an incredible selection of plug and play software. But you obviously need to be careful with them, as plugin vulnerabilities represented 55.9% of the known entry points reported by respondents.
Some interesting statistics, I’m not surprised that plugins are at the top of the list, but I am slightly surprised that brute forcing is at no. 2. I imagined themes and plugins would be roughly equal in terms of vulnerabilities.