While there are nearly a billion different Websites across the entire Internet, it turns out the vast majority of them run on only a few different systems, also known as platforms. So if a hacker can target a bug in the largest website platforms, it has the potential to target many millions of websites that use that platform. And if a hacker can take control of a website, he or she can install dangerous malware or viruses to infect every computer that visits the site.
WordPress is one of the most widely used website platforms around. One recent count estimated that 75 million sites around the world are built on the WordPress platform. Included in that 75 million count is my website that you are reading right now. Unfortunately, WordPress has a serious problem that could let hackers break into many websites that use it.
Fourteen months ago, a security researcher warned the WordPress developers that there was a problem in the comment system. Any hacker who posted a comment with a special symbol could get access to that WordPress account.
It took the whole 14 months, but fast forward to now, WordPress just came out with a security update, WordPress 4.2, that fixes the problem. Unfortunately, it didn't fix the problem completely and there's still a flaw.
This is not just a problem for the Website owner but also for anyone who happens to visit the infected site.