As we wind up 2023, WordPress maintenance has become more important than ever before. It’s helpful for WordPress site owners to look back and see how their websites have performed. Looking at security, performance, and maintenance are all useful exercises to help determine improvements for the following year and beyond.
I’ve pulled together some useful 2023 WordPress maintenance statistics and summarized them below. Use these for your decision-making and for helping supervisors, managers, and C-Suite executives in their decision-making as well.
What are the key 2023 WordPress maintenance, security, and performance statistics?
- WordPress has a market share of 63.5% considering the websites whose CMS is known, indicating a growth of more than 10% over the years.
- WordPress continues to be the fastest-growing CMS since 2014. It is used by 45.8% (around 810 million) of all websites on the internet, representing an increase from 43.2% in 2022.
- WordPress vulnerabilities rose in 2023. In the first half of 2022, WPScan recorded 1,779 new vulnerabilities across WordPress plugins, themes, and core. In the first half of 2023, Wordfence identified 2,587 new vulnerabilities in the database, with 2,497 in WordPress plugins, 84 in WordPress themes, and 6 in WordPress core.
- The number of vulnerabilities disclosed in the first half of 2023 was significant, with approximately 26% (678 vulnerabilities) considered unpatched. The highest number of vulnerabilities was in February and the lowest in June.
- Approximately 90% of WordPress vulnerabilities were plugin vulnerabilities, 6% were theme vulnerabilities, and 4% were core software vulnerabilities.
What percentage of WordPress sites have vulnerable code right now?
A study released in June 2023 found that 61% of SMBs in the US and UK were successfully hit by a cyberattack in the past year, and 43% of all data breaches are against SMBs. 46% of cyber attacks target small businesses with 1,000 or fewer employees.
What percentage of businesses nearly faced bankruptcy after a cyber attack?
A 2022 report by Hiscox, a global insurance company, stated that a fifth of US and European businesses have warned that a serious cyber-attack nearly left them bankrupt, with over 87% viewing compromise as a bigger threat than an economic downturn.
What is the average cost in 2023 of a data breach for businesses with fewer than 500 employees?
According to a report by IBM and the Ponemon Institute, the average cost of a data breach for businesses with fewer than 500 employees is $2.98 million in 2023. This cost reflects the financial impact of a data breach, including expenses related to the incident and its damages.
The number of vulnerabilities disclosed in WordPress-related plugins, themes, and the core WordPress platform in 2023 varies over time. For example, a report from November 8, 2023, indicated that 56 total vulnerabilities emerged in public disclosure, including 37 plugin vulnerabilities and 3 in themes that had security patches available, along with 16 plugin vulnerabilities with no patch available yet.
What are the most common security threats to WordPress sites in 2023?
The most common security threats to WordPress sites in 2023 include:
- Vulnerable Plugins and Themes: Vulnerable plugins not updated by site owners are the most common vector for attacks on WordPress websites.
- Brute Force Attacks: These attacks involve automated attempts to guess the username and password to gain unauthorized access to a site.
- Cross-Site Scripting (XSS): This type of attack injects malicious scripts into web pages viewed by other users.
- SQL Injection Attacks: These attacks involve the insertion of a SQL query via the input data from the client to the application.
- Sensitive Data Exposure: This occurs when an application reveals sensitive information, such as passwords or personal data, to an attacker.
- Cross-Site Request Forgery (CSRF): This attack forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
- Outdated Software: Running outdated versions of WordPress, plugins, or themes can leave a site vulnerable to known security issues.
What can I do to reduce the risks and costs associated with WordPress vulnerabilities?
You can go the Do-It-Yourself (DIY) route and attempt to make the regular plugin, theme, and core code updates by either doing them manually or enabling auto-updating features on your live site. The upside is that you can be in charge of your site’s destiny and avoid paying a professional to do this work. The downside is that when an update inevitably breaks your site you will need to troubleshoot to find the root cause of the issue, perform a restore from backup (if you have one), or turn to a WordPress professional to have the site fixed.
You can also proactively hire a WordPress professional who will back up your site, test the updates on a development or staging version of your site, and then deploy the updates to the live site. The downside is that your website budget will need to be increased a bit to accommodate the cost of outsourcing this critical task. The upside is that you can treat that cost as an investment or insurance and then allocate your time, and the time of your developers, to more important revenue-generating work.
Gone are the days of clicking “Update” and hoping for the best. Let Webidextrous manage your maintenance. We’ll give you back your time and peace of mind.
More Information
- 20 WordPress Statistics You Should Know in 2023
- WordPress Statistics and Facts (2023)
- WordPress Statistics: How Many Websites Use WordPress in 2023?
- 20+ WordPress Statistics to Know in 2023
- 105 Significant WordPress Statistics & Facts (2023 Update)
- Demystifying the WordPress Vulnerability Landscape: 2023 Mid-Year Wordfence Intelligence WordPress Vulnerability Review Leveraging ChatGPT
- WordPress Vulnerability Report – June 14, 2023
- WordPress Vulnerability Report — November 8, 2023
- Is WordPress Secure? Here’s What the Data Says
- WordPress Vulnerability Scanner
- WordPress Security: What You Need to Know (and How to Stay Safe!)
- Worried About a Cyberattack? What It Could Cost Your Small Business
- Cost of a Data Breach—Stats Your Clients Should Consider
- Small Business Data Breach: The Consequences of a Cybercrime Data Breach
- The High Cost of Cyberattacks for Small Businesses
- Data breach causes 10 percent of small businesses to shutter
- 51 Small Business Cyber Attack Statistics 2023 (And What You Can Do About Them)
- 35 Alarming Small Business Cybersecurity Statistics for 2023
- Cyber threats to small businesses prompt pleas to report attacks
- Cyber Security Statistics: The Ultimate List Of Stats Data, & Trends For 2023
- 32 Small Business Cybersecurity Statistics – 2023
- 60 Percent Of Small Companies Close Within 6 Months Of Being Hacked
- The Devastating Business Impacts of a Cyber Breach
- Cyber attacks are prompting growing bankruptcy fears
- Cyber attacks strike insolvency fear into businesses
- Top 7 WordPress Security Threats and How to Fix Them
- 30+ of the Most Common WordPress Security Issues & Vulnerabilities
- 10 Common WordPress Security Issues and How to Solve Them
Rob Watson
Latest posts by Rob Watson (see all)
- SEO Learning Outline: 10+ Tips to Supercharge Your Neglected Websites - March 16, 2024
- What are session cookie hacks and why should WordPress users care? - March 8, 2024
- More effective AI: 5 ways your chatbot could be harming your business - February 17, 2024
- 2023 WordPress Maintenance: Critical Issues in Security and Performance - December 4, 2023
- Why Maintenance Matters: How WordPress 6.4 and cURL Broke Sites - November 9, 2023
0 Comments