WordPress Plugins – What Are Their Security Risks?
The WordPress platform owes a lot of its popularity to the availability of thousands of plugins that perform any function a site owner may need. Simply put, if you need to do something there is probably an existing plugin to do it. But what are the security risks that come with installing WordPress plugins? I will tie these threats to the central principles of information security: Confidentiality, Integrity and Availability.
Confidentiality – The goal is to prevent the disclosure of information to unauthorized individuals or systems.
Integrity – The goal is to ensure that data cannot be modified without detection.
Availability – The goal is to ensure your site is available when someone tries to access it.
Plugins vary in code size from very simple to very complex. 99.9% of plugin users do not have the time or expertise to do a security review of the code prior to installing a plugin. That means you are relying on the developer not to have programmed anything malicious into the plugin that could affect the confidentiality, integrity or availability of your site. For this reason it is best to stick with WordPress plugins that have a large user base and come from more trusted sources.
Plugins are primarily developed by individual developers or very small teams with a limited budget for testing. That means if you are an early adopter of a plugin you are the equivalent of a beta tester, so it is wise to avoid being on the bleeding edge of adopting a new plugin version unless there is a security vulnerability in the old version that is actively being exploited in the wild. Otherwise you risk something going wrong with the plugin that could negatively impact the availability of your site. For this reason it is important to have a viable backup of your site prior to installing a new plugin or upgrading a currently installed one.
When you install a WordPress plugin you are installing an application. That means you should carefully consider whether you need and intend to use the plugin regularly. Each installed plugin requires additional site administrative overhead in the form of applying upgrades to ensure you are running the latest version. For this reason it is important to only install plugins that will be activated on your site, and plugins that are not active should be removed to eliminate a potential source of vulnerability.
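The two housekeeping checks described above, inactive plugins that should be removed and installed plugins that need an upgrade, can be run from the command line against the inventory WP-CLI prints. The script below is an added example written for this article, not code from WordPress or WP-CLI; it assumes the CSV layout of `wp plugin list --format=csv` (columns `name,status,update,version`, with no quoted fields) and the plugin rows in it are constructed sample data, not a real site.

```shell
#!/bin/sh
# Added example: audit a WordPress plugin inventory for the two hygiene
# problems the article names: inactive plugins (remove them) and plugins
# with an update available (back up the site, then upgrade them).
#
# Input is the CSV that `wp plugin list --format=csv` prints:
#   name,status,update,version
# Assumption: fields are not quoted (plugin slugs contain no commas).

# Constructed sample inventory; on a real site pipe WP-CLI output instead:
#   wp plugin list --format=csv | plugins_with_status inactive
SAMPLE_CSV='name,status,update,version
akismet,active,none,5.3
hello,inactive,none,1.7.2
contact-form-7,active,available,5.8.1
old-gallery,inactive,available,1.0'

# Print the names of plugins whose status column equals $1 ("inactive" or
# "active"). Reads the CSV from stdin and skips the header row.
plugins_with_status() {
    awk -F, -v want="$1" 'NR > 1 && $2 == want { print $1 }'
}

# Print the names of plugins for which WP-CLI reports an update.
plugins_needing_update() {
    awk -F, 'NR > 1 && $3 == "available" { print $1 }'
}

# Count the plugins that need attention. A plugin that is both inactive and
# outdated counts once: the action is to remove it, not to update it.
audit_findings() {
    awk -F, 'NR > 1 && ($2 == "inactive" || $3 == "available") { n++ } END { print n + 0 }'
}

# Demo run on the constructed sample.
echo "Inactive plugins (remove these):"
printf '%s\n' "$SAMPLE_CSV" | plugins_with_status inactive
echo "Plugins with an update available (back up first, then upgrade):"
printf '%s\n' "$SAMPLE_CSV" | plugins_needing_update
echo "Total findings: $(printf '%s\n' "$SAMPLE_CSV" | audit_findings)"
```

Run on the sample this lists `hello` and `old-gallery` as inactive, `contact-form-7` and `old-gallery` as outdated, and reports three findings. Scheduling it (cron, a CI job) and treating a non-zero finding count as something to act on turns the article's advice into a repeatable check rather than a one-off review.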