Slashdot Mirror


Millions At Risk From Critical Vulnerabilities From WordPress Plugins

First time accepted submitter dougkfresh writes "Checkmarx's research lab identified that more than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection. Furthermore, a concentrated research into e-commerce plugins revealed that 7 out of the 10 most popular e-commerce plugins contain vulnerabilities. This is the first time that such a comprehensive survey was prepared to test the state of security of the leading plugins." It does seem that WordPress continues to be a particularly perilous piece of software to run. When popularity and unsafe languages collide.

1 of 145 comments

  1. In case you were wondering... by slashmydots · Score: 0, Flamebait

    Like I need another reason to hate WordPress. In case you're not familiar, it's basically a website design suite for morons who don't know HTML or CSS even though I could teach both to a moderately intelligent monkey. It got so popular that it's the biggest hacking target on the entire internet and anyone who uses it is seen as a complete joke by actual web developers like me. If you see "wordpress experience" on a job listing, run! That company is beyond all hope.
    I think I can break down how this came about. People who aren't qualified to make a website hopped on, added a bunch of code that someone else wrote via a plugin, they have NO IDEA what it does or how it really works or that it should be updated, and then they send it out to the public internet on a cheapo host with little to no security. What could possibly go wrong there?