Analysis of modern security plugins for wordpress

作     者：Georgi Stoyanov Adelina Aleksieva-Petrova Milen Petrov 

作者机构：Department of Software Engineering Sofia University “St. Kl. Ohridski” James Baucher 5 Blvd Sofia 1000 Bulgaria Department of Computer Systems Technical University of Sofia 8 Kliment Ohridski Blvd Sofia 1000 Bulgaria 

出 版 物：《AIP Conference Proceedings》 

年 卷 期：2024年第3084卷第1期

学科分类：07[理学] 0702[理学-物理学] 

摘      要：WordPress is the world’s most popular content management system. In recent years, websites using WordPress have been a popular target for hackers due to the platform’s popularity. To solve these problems, users turn to security plugins to help them deal with security threats. However, there is no in-depth security analysis of the WordPress plugin system. In this regard, the paper aims to analyze the work of the main security plugins, including code analysis, testing with different types of threats, checking the data that they collect, and evaluating their strengths and weaknesses. The working principles and implementations of modern security plugins have been described and the criteria for selecting the studied plugins have been defined. The results have been summarized and the approaches used by the different plugins have been compared.