3 WordPress Security Vulnerabilities You Need to Watch Today

Source: Artificial Intelligence on Medium

Is your WordPress website secure? Are you certain? Every platform has its flaws, so don’t be overconfident. Security issues are often right under your nose, too. They get exploited without companies realizing it or they could’ve been prevented weeks to months prior.

The worse part of all? They’re usually a result of a human error. Small mistakes we make every day compound into bigger problems. They, unfortunately, can cost your business thousands of dollars or more, too.

Since WordPress powers 20% of the internet, I’m going to touch on some common security vulnerabilities to be aware of.

1. Weak passwords

How many of you rely on Google Chrome’s password saver to remember all of your passwords? We’re all guilty of it at some point. Nonetheless, it’s not a great security practice. Marketers need to make storing and creating passwords more seriously.

While your dog’s name is nice, it probably isn’t the most secure. That’s why you should use a secure password generator like this one from Norton. They’re the anti-virus guys, after all!

Adjust the password length knob and checkboxes and it will generate a password that NASA scientists would have trouble cracking. Click the copy button and navigate to the WordPress profile page from the admin dashboard.

Click the “Generate Password” option and paste the Norton password in the field.

Select “Update Profile” at the bottom of the page and your WordPress account will be much more secure.

2. Malware

Viruses sneak in your WordPress website like the common cold gets in your immune system — without you noticing. These can completely break your website, leak sensitive information, and compromise customer data. Not good.

You could sit at a desk all day waiting for the malware to pop up like whack-a-mole or use a marketing security solution instead. This type of software runs in the background of a business, alerting operators of any suspicious activity. You can take action when events occur instead of spending valuable time monitoring.

I also suggest installing a free plugin like WordFence. It will set you up with all of the essentials to keep your website safe. This includes a firewall, brute force protection, and virus detection.

3. Outdated plugins and themes

Like I said earlier: it’s human errors that often cause the most problems. They’re going to happen eventually, too. Unless you’re Superman, of course! But, presuming you’re an everyday marketer like me, you need to keep an eye out for this common WordPress security vulnerability.

Plugins and themes are built on code. Mostly PHP to be specific. And, that code eventually will be outdated as it needs constant updates to keep up with the CMS itself. When a plugin is outdated, it’ll still work. Sure. However, it will be more prone to being exploited since it’s an easy way in for attackers.

Make a consistent schedule to regularly check and download the latest updates of plugins and themes. These can be found directly on the WordPress dashboard on the “Updates” pages.


Your digital presence is mostly built on your company’s website. Take care of it. The last thing you want is anything to happen to the asset that’s generating revenue.

Marketers can keep their WordPress websites safe from common exploits by setting secure passwords, using malware protection, and keeping plugins and themes updated.

All of this can be done by hand, although it requires a lot of precious time. That’s why you should try Morphio today for free. Our marketing security software automates the mundane to give you back time better spent on high ROI tasks.