I looked and looked because I really wanted to see if this was the first full year WordPress Threat Report – and it looks like it is, it would be interesting if Wordfence could time machine some of this to see year-over-year changes in the volumes and types of WordPress attacks.


iThemes Security Pro

You don’t need an intergalactic bounty hunter to fight bad guys. iThemes Security Pro will secure and protect your WordPress sites from the wretched hive of scum and villainy across the internet! Prevent hacks, security breaches, malware and more. This is the way.


This report has some shockingly high numbers! B I L L I O N S!

  • 90 Billion Malicious WordPress Login Attempts
  • 4.3 Billion Vulnerability Exploit Attempts Targeting WordPress

The most interesting and frankly preventable threat outlined in the report is Nulled Plugins: “Overall, the Wordfence scanner found malware originating from a nulled plugin or theme on 206,000 sites, accounting for over 17% of all infected sites. Nulled plugins and themes are pirated copies of premium plugins and themes with their license checking features disabled or removed, which typically contain backdoor functionality.”

Subscribe to the daily-ish #MorningCoffee today.