Study Reveals Huge WordPress Security Issues

Blame is directed at WordPress plugins, which create major vulnerabilities, with many never getting patched.

WordPress may be one of the most popular website builders in the world, but a recent study found that it's plagued with a wide range of substantial security vulnerabilities that never get patched.

With security breaches, ransomware attacks, and phishing scams becoming part of everyday life on the web, cybersecurity has never been more important to businesses around the world. Subsequently, the best website builders are expected to have the infrastructure to at least provide the basics when it comes to protecting its users.

Unfortunately, that does not appear to be the case at WordPress, as security flaws apparently run rampant throughout the popular website builder's websites.

The State of WordPress Security

One of the best aspects of WordPress is that it allows for a wide range of plug-ins, which can customize the website and provide helpful functionality for businesses trying to attract customers, produce content, and generally engage online. Unfortunately, that's one of the biggest downfalls for WordPress when it comes to security.

“Vulnerabilities from plugins and themes remain as one of the biggest threats to websites built on WordPress.”

According to the study from Patchstack, there has been a 150% increase in WordPress vulnerabilities since last year, which as researchers put it is “a significant increase.” Even worse, 29% of these vulnerable WordPress plug-ins are never patched, leaving the door open for some serious security problems.

29% 0f WordPress vulnerabilities are never patched

To be fair, though, WordPress is not technically the problem. The core platform for WordPress represents a mere 0.58% of security vulnerabilities. Unfortunately, the massive library of plug-ins is the downfall here, so if you want to stay secure, it's best to avoid these tools if you can.

Is WordPress a Good Website Builder?

Despite the fact that 43.2% of all websites are powered by WordPress, our research shows that it doesn't offer much compared to its competitors. Unless you're interested in a blogging site, which we'll admit WordPress is great for, this website builder isn't ideal for any business.

For one, it's customizability is limited and, according to this research, comes at a price as far as security is concerned. Additionally, the overall functionality for design, ecommerce, and analytics is severely lacking compared to competitors like Wix and Shopify.

If you're interested in getting a website builder for your business, we've done a whole bunch of research to help you choose. Take a look at the table below and visit our best website builders guide to make the decision even easier.

0 out of 0
Overall Score
All research categories, condensed into one score
Paid plan
Number of templates
Try it Today

$2.69/month with code “TECH”

$1/month (first 12 months)

Over 800









Over 100

  • Great templates
  • Friendly onboarding experience
  • Advanced business functionality like CRM
  • SEMRush integration for keyword SEO support
  • Email and social marketing tools
  • Best knowledge center available
  • Robust analytics features
  • Plenty of apps
  • Good multi-channel integration
  • Fast server response time
  • Only $1/month for first three months
  • Quick, efficient website building
  • Easy to use SEO guidance
  • Plenty of must-have features built-in
  • Robust free plan
  • Great for beginners
  • Lots of SEO guidance
  • Very affordable platform
  • Easy to use with simple grid layout
  • Advanced features like heatmap and logo maker
  • Speedy set up
  • Decent ecommerce features
  • Brilliant for bloggers
  • Easy to set up
  • Large and helpful user community
  • International growth features built-in
  • Quickest server response team
  • Best mobile site speed performance
  • ADI functionality
  • Best cost per feature option
  • Dedicated mobile editor view
  • Relatively slow server response time
  • Not the most intuitive platform
  • Slower site speed
  • No advanced customization options
  • Design is more restrictive, less intuative than other builders
  • High transaction fee if not using Shopify Payments
  • Limited customization options
  • Website design is quite restrictive
  • Solid range of SEO features
  • A bit outdated design-wise
  • Few platform updates
  • Worst server response time
  • No app store
  • Limited marketing features
  • Little onboarding help at setup
  • Dull templates
  • Confusing navigation
  • Not the best choice for ecommerce
  • Slightly inflexible editor
  • No free plan or trial
  • Limited customization
  • Few advanced marketing features
  • No blog functionality
  • Limited SEO features
  • No internal marketing capabilities
Did you find this article helpful? Click on one of the following buttons
We're so glad you found this helpful! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:

Conor is the Lead Writer for For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at

Explore More See all news
Back to top
close Step up your business video conferencing with GoToMeeting, our top rated conferencing app – try it free for 14 days Try GoToMeeting Free