2018 Analysis: WordPress Remains Top Target in Hacked CMS Scene

Roughly 90 percent of all the hacked content management systems (CMSs) Sucuri investigated and helped fix in 2018 were WordPress sites. In a distant second, third, and fourth came Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent), according to a report the company published yesterday.

Sucuri experts blamed most of the hacks on vulnerabilities in plugins and themes, misconfiguration issues, and a lack of maintenance by webmasters, who often forgot to update their CMS, themes, and plugins.