How Attackers Gain Access to WordPress Sites
WordFence conducted a survey with a simple statement: “If you know how your site was compromised please describe how the attackers gained access.” The answers were free form text, so we manually categorized the answers. If the respondent expressed any doubt in their answer, we categorized them as uncertain.
Of the 1,032 survey respondents who answered this question, 61.5% didn’t know how the Attacker compromised their website. That is a not a huge surprise given that the large majority of respondents cleaned their sites themselves, but it is troubling. It is impossible to be confident that you have cleaned your site completely or that the vulnerability doesn’t still exist without knowing how the site was compromised in the first place.
For the site owners who did figure out how the attackers entered, here is what the breakdown looks like: