
Presents
2021 WordPress Vulnerability
Annual Report
The iThemes Security Weekly WordPress Vulnerability Report covers newly-disclosed WordPress plugin, theme, and core vulnerabilities. We compiled data from all of the vulnerability disclosures from our reports in 2021 to bring you the first WordPress Vulnerability annual report.

1,628
Vulnerabilities Disclosed
Vulnerability
Threat levels


Plugin status
aT Time of vulnerability disclosure
Vulnerability
Types

Vulnerabilities by Month (2021)

Vulnerabilities by threat level by month (2021)

Source: 2021 iThemes Security Weekly WordPress Vulnerability Reports was powered by WPScan.
On average, 30,000 websites are hacked every day. Every 39 seconds, a new cyberattack happens somewhere on the web.
IT’S NOT A MATTER OF IF, BUT WHEN YOUR SITE WILL BECOME A TARGET
This year alone, grim statistics point to the urgent need for website owners to take active security measures to defend their sites against cyberattacks.
300%
increase in
cyberattacks
This year alone, cyberattacks have increased by 300% as hackers increase their efforts to exploit vulnerable websites with poor security.
50%
OF ALL
HACKS & BREACHES
Nearly half of all cyberattacks prey on small to medium-sized businesses. Hackers know most of them don’t have solid security measures in place.
45%
OF ALL
WEBSITE OWNERS
Almost half of all website owners say they don’t have solid security measures in place to defend their sites against attacks.
30,000
WEBSITES
HACKED DAILY
As hackers become more sophisticated, 30,000 websites are successfully hacked each day, leaving website owners to deal with the destruction.
GET THE WEEKLY WORDPRESS VULNERABILITY REPORT
Keeping track of every new plugin and theme vulnerability is hard work. Get the weekly WordPress Vulnerability Report delivered right to your inbox to help keep your website secure.
Scan Your WordPress Website for Known Vulnerabilities with the iThemes Security Pro Plugin
A WordPress security plugin that’s so easy to use
With the drastic increase in WordPress-related vulnerabilities reported in 2021, you need a tool to secure and protect your WordPress site. iThemes Security Pro uses its own Site Scanner to check for known vulnerabilities in your plugins, themes, and WordPress core. The iThemes Site Scanner also checks your site’s blacklist status, website errors and for out-of-date software. Combined with the power of Version Management, your site will never run software with known vulnerabilities.
Get Started with iThemes Security Pro Today
(YOU’LL BE GLAD YOU DID!)
All iThemes Security Pro plans come with a 30-day money-back guarantee.
We stand behind our product 100% – see our refund policy