With GDPR now only a month away, businesses across Europe are gearing up for what will potentially be one of the biggest shifts in data privacy laws since the 2003 CAN-SPAM Act.
Businesses will face fines of up to €20 million if they do not comply with new legislation and processes, that ultimately put users in control of who, how, and where their personal data is stored.
A key part of GDPR is the business’ responsibility to secure customer data and websites to prevent data breaches, phishing, and other forms of malicious online activity.
Estimates show that WordPress is used by 25–40% of the internet, depending on which source you read, and given its widespread popularity and usage, it is a prime target for hackers.
A recent research study conducted by cybersecurity monitoring platform CyberScanner, they scanned 93,930 WordPress websites and 9834 WooCommerce websites based in the UK and found that on average 80.7% contained at least one known, hackable exploit that can be deemed as a severe security risk.
Some of the most common known vulnerabilities scanned for included cross-site scripting (XSS), SQL injection, cross-site request forgery (CSRF), and SSL certificate problems.