WordPress, Apache Struts Attract the Most Bug Exploits

guest · Mar 22, 2020

WordPress, Apache Struts Attract the Most Bug Exploits
An analysis found these web frameworks to be the most-targeted by cybercriminals in 2019
March 18, 2020
https://threatpost.com/wordpress-apache-struts-most-bug-exploits/153927/

WordPress and Apache Struts vulnerabilities were the most-targeted by cybercriminals in web and application frameworks in 2019 – while input-validation bugs edged out cross-site scripting (XSS) as the most-weaponized weakness type.

That’s according to the RiskSense Spotlight Report, which analyzed 1,622 vulnerabilities from 2010 through November of 2019. Web frameworks streamline the development and deployment of applications and websites. Instead of requiring developers to code every line of PHP, HTML, etc., a framework can provide them with ready-made building blocks for many common tasks.

“Even if best application development practices are used, framework vulnerabilities can expose organizations to security breaches. Meanwhile, upgrading frameworks can be risky because changes can affect the behavior, appearance or inherent security of applications,” said Srinivas Mukkamala, CEO of RiskSense, in a media statement
Click to expand...

In total, 27.7 percent of WordPress vulnerabilities were weaponized. Apache Struts had the third most-weaponized vulnerabilities and had one of the highest overall weaponization rates across all frameworks, the report found; and, 38.6 percent of all Struts vulnerabilities were weaponized.

“It’s no surprise that Apache Struts is one of the most weaponized application frameworks out there,” Mehul Revankar, director of product management at SaltStack, told Threatpost. “It’s a key dependency for a many modern web applications, and it’s not easily known whether it’s in use or not by an application.”
Click to expand...

RiskSense: RiskSense Spotlight Report Finds WordPress and Apache are Most Weaponized Web and Application Frameworks

Log in or Sign up

WordPress, Apache Struts Attract the Most Bug Exploits

guest Guest

Log in or Sign up

WordPress, Apache Struts Attract the Most Bug Exploits

guest Guest

Useful Searches