from the somehow-not-a-surprise dept.
BlogSecurity writes "Security analyst David Kierznowski shocked bloggers yesterday with a survey showing that 49 out of the 50 WordPress blogs he checked seem to be running exploitable versions of the widely used software. He said, 'The main concern here is the lack of security awareness amongst bloggers with a non-technical background, and even those with a technical background.' Mr Kierznowski also uncovered recent vulnerabilities in WordPress plugins that ship by default with the software, adding: 'WordPress users developing plugins must be aware of the security functions that WordPress supports, and ensure that these functions are used in their code.'"
The most difficult thing in the world is to know how to do a thing and to
watch someone else doing it wrong, without commenting.
-- T.H. White