WordPress is the world's largest open source CMS. So it's really not surprising that it's also a prime target for hackers worldwide.
Just this week, the US FBI issued an alert about the potential danger of individuals sympathetic to Islamic State (ISIS) terrorists abusing vulnerabilities in the WordPress platform.
"Successful exploitation of the vulnerabilities could result in an attacker gaining unauthorized access, bypassing security restrictions, injecting scripts, and stealing cookies from computer systems or network servers. An attacker could install malicious software; manipulate data; or create new accounts with full user privileges for future Web site exploitation," the alert explains.
The FBI noted that the perpetrators of the attacks against WordPress are not terrorists themselves. Rather, they are hackers "using relatively unsophisticated methods to exploit technical vulnerabilities" in the name of the terrorist group "to gain more notoriety than the underlying attack would have otherwise garnered," the FBI maintains.
In any event, the FBI recommends any site running WordPress use some reasonable precautions:
Now let's move on to more pleasant open source CMS news.