98% of WordPress Blogs Vulnerable

Did that headline get your attention? It should because it’s true. It may or may not actually be 98% but it is high! Do me a favor and if you use WordPress, go check what version you are running. You can find it at the bottom of your WordPress admin screen. Now that you’ve done that, answer these two questions:

1. Is it WordPress 2.2?
2. Is it WordPress 2.0.10?

If you answered no to both of these questions, you’re vulnerable. Go upgrade now, please. I’ll wait.

BlogSecurity surveyed 50 WordPress blogs and found that in 49 out of 50 cases, the WordPress blog is not one of the currently maintained branches of the software - WordPress 2.0.10, the latest in the 2.0 branch which will be maintained until 2010, or WordPress 2.2.

Feeling violated?

I didn’t believe the number so I did an informal survey myself. Guess what? Nine of the ten blogs I looked at also were not up to date.

The reality is that most people don’t want to take the time to keep their blog up to date or worse yet, they wait for their host to do it for them. At my last job, we had a saying: Cover your ass because no one else will cover it for you. If you are not able to handle this, hire someone (like me) to take care of it for you for a fee. The investment is worth it if you value your blog.

For the record, WordPress 2.1 and all it’s subsequent releases in that branch are security hazards. WordPress 1.5? Please don’t get me started.

BlogSecurity’s survey results, for whatever they are worth are as follows:

Crazy, eh? Who’s running WordPress 1.5-gamma?

• 
• Stumble it!

About the Author: Aaron Brazell is the lead editor of Technosailor.com and a social media expert. His passion is to see companies and individuals use the internet and web technologies wisely and effectively to promote their brands and companies. He is Business Development Manager for Lijit and he worked as Director of Technology at b5media from 2005-2008 and is currently an independent consultant.