Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
Critical SharePoint RCE Vulnerability CVE-2023-29357 Gets PoC Exploit Code
July 8, 2026
Critical Android 14 vulnerability lets attackers gain full control
July 8, 2026
CISA Warns of Adobe ColdFusion Path Traversal Vulnerability Exploited in Attacks
July 8, 2026
Home/CyberSecurity News/70% of WordPress Sites Exposed to Attacks Due to Outdated PHP Versions
CyberSecurity News

70% of WordPress Sites Exposed to Attacks Due to Outdated PHP Versions

Key Takeaways Over 70% of public WordPress sites are running end-of-life PHP versions, creating significant security vulnerabilities. Only about 30% of WordPress installations utilize a currently...

Jennifer sherman
Jennifer sherman
July 8, 2026 4 Min Read
4 0

Key Takeaways

  • Over 70% of public WordPress sites are running end-of-life PHP versions, creating significant security vulnerabilities.
  • Only about 30% of WordPress installations utilize a currently supported PHP version.
  • Outdated PHP versions expose sites to known exploits, including remote code execution, even if WordPress core is updated.
  • The “Hacked by MR.GREEN” defacement campaign exemplifies the real-world impact of these unpatched systems.
  • Challenges like compatibility issues and fear of downtime often prevent administrators from updating PHP.

Widespread PHP Obsolescence Jeopardizes WordPress Security

A recent analysis has uncovered a critical security flaw affecting the majority of WordPress websites globally: more than 70% are operating on outdated, unsupported versions of PHP. This widespread neglect of the underlying server-side language dramatically increases their susceptibility to cyberattacks, leaving millions of sites exposed.

Table Of Content

  • Key Takeaways
  • Widespread PHP Obsolescence Jeopardizes WordPress Security
  • The Scale of the Problem
  • Real-World Impact: The “Hacked by MR.GREEN” Campaign
  • Compounding Factors: Plugins and Configuration
  • The Challenge of Updating
  • What You Should Do

The findings underscore a significant and growing security gap within the internet’s infrastructure. Despite continuous security updates for the WordPress content management system itself, the foundational PHP versions upon which these sites run are frequently left unpatched, creating a persistent threat vector.

The Scale of the Problem

WordPress, which powers over 40% of all websites, relies heavily on PHP for its core functionality. However, Censys data shows that out of over 316,000 WordPress instances with discernible version information, merely 30% are currently utilizing a supported and up-to-date PHP version. The vast majority continues to run on versions that have reached their end-of-life (EOL), meaning they no longer receive critical security patches. For instance, PHP 7.4 ceased receiving security updates in November 2022, yet it remains prevalent.

This imbalance is a critical concern. Even if website owners diligently keep their WordPress core software updated, an outdated PHP version can introduce severe vulnerabilities. These can include known remote code execution flaws and authentication bypass issues, providing attackers with direct pathways into systems.

Real-World Impact: The “Hacked by MR.GREEN” Campaign

Cybercriminals are actively exploiting these weaknesses. Automated scanning tools constantly probe the internet for unpatched systems, making them prime targets. A prominent example is the ongoing “Hacked by MR.GREEN” defacement campaign, which has compromised over 900 websites, predominantly WordPress installations.

These attacks typically involve replacing legitimate website content with messages from the attackers, clearly demonstrating the ease with which vulnerable systems can be breached. While the precise method of exploitation for this campaign remains somewhat unclear, researchers observed that many affected sites exhibited common signs of neglect, including outdated software, exposed configuration files like xmlrpc.php, and weak access controls.

Compounding Factors: Plugins and Configuration

The extensive use of plugins within the WordPress ecosystem further complicates the security landscape. While plugins enhance functionality, they also expand the attack surface. Censys data shows millions of websites use plugins, yet many fail to keep them updated. Even widely used plugins, such as Yoast SEO, show low adoption rates for their latest, most secure versions. Vulnerabilities in these plugins, ranging from authentication bypasses to data exposure flaws, can serve as readily available entry points for attackers if left unpatched.

Beyond software versions, misconfigurations also contribute significantly to risk. Publicly accessible SSH services, weak authentication settings, and exposed administrative endpoints can create a highly exploitable environment, especially when combined with outdated software. Attackers frequently leverage automated scanning tools to identify these weaknesses at scale.

The Challenge of Updating

Updating PHP versions on CMS platforms is often not a straightforward process, particularly for older websites. Administrators frequently face compatibility issues, the risk of breaking existing site functionality, and the fear of downtime. These concerns often lead to delays or complete avoidance of critical updates. However, this short-term convenience comes at the severe cost of long-term security, leaving systems exposed to known and actively exploited vulnerabilities.

Security experts consistently emphasize that maintaining updated backend infrastructure is as crucial as updating visible components like themes and plugins. In an threat landscape where adversaries are constantly evolving their tactics, neglecting core technologies like PHP leaves a significant portion of the internet vulnerable to opportunistic attacks.

What You Should Do

  • Update PHP Immediately: Prioritize upgrading your WordPress site’s PHP version to a currently supported release (e.g., PHP 8.1 or newer). Consult your hosting provider or a developer if you are unsure how to proceed.
  • Regularly Patch All Software: Ensure your WordPress core, themes, and all plugins are consistently updated to their latest versions.
  • Audit and Secure Configurations: Review server and WordPress configurations for exposed services (like SSH), default credentials, and publicly accessible administrative interfaces. Implement strong authentication and access controls.
  • Implement a Staging Environment: Before applying major updates (especially PHP upgrades), test them thoroughly in a staging environment to identify and resolve any compatibility issues without affecting your live site.
  • Monitor for Suspicious Activity: Deploy security monitoring tools and regularly review logs for any signs of compromise or unusual activity.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

AttackBreachCybersecurityExploitPatchSecurityThreat

Share Article

Jennifer sherman

Jennifer sherman

Jennifer is a cybersecurity news reporter covering data breaches, ransomware campaigns, and dark web markets. With a background in incident response, Jennifer provides unique insights into how organizations respond to cyber attacks and the evolving tactics of threat actors. Her reporting has covered major breaches affecting millions of users and has helped organizations understand emerging threats. Jennifer combines technical knowledge with investigative journalism to deliver in-depth coverage of cybersecurity incidents.

Previous Post

Discord Bug Mistakenly Banned Over 8,000 Accounts Since May

Next Post

CISA Warns of Adobe ColdFusion Path Traversal Vulnerability Exploited in Attacks

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
China-Linked Hackers Exploit Critical Ruckus Router Flaws
July 8, 2026
Critical GhostLock Vulnerability in Linux Kernel Lets Attackers Escalate Privileges
July 8, 2026
OpenAI Secures US Government Clearance for GPT-5.6 Launch
July 8, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
David kimber
David kimber
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us