{"id":309528,"date":"2022-01-20T11:17:36","date_gmt":"2022-01-20T16:17:36","guid":{"rendered":"https:\/\/www.actionti.com\/?p=309528"},"modified":"2022-01-20T11:17:37","modified_gmt":"2022-01-20T16:17:37","slug":"wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021","status":"publish","type":"post","link":"https:\/\/actionti.com\/en\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/","title":{"rendered":"WordPress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021"},"content":{"rendered":"\n<p>par Jean-Luc Doumont \u2013 <a href=\"https:\/\/www.doumont360.com\/\">Doumont 360<\/a> (Relations publiques et gestion de crise)<\/p>\n\n\n\n<p><strong>Selon un rapport publi\u00e9 par la firme Risk Based Security, les chercheurs soutiennent que 2240 vuln\u00e9rabilit\u00e9s dans les plugiciels WordPress ont \u00e9t\u00e9 divulgu\u00e9es en 2021. Il s\u2019agirait d\u2019une augmentation de 142 % par rapport \u00e0 l\u2019ann\u00e9e 2020.<\/strong><\/p>\n\n\n\n<p>Le rapport indique que c\u2019est une tendance inqui\u00e9tante, car la plupart peuvent \u00eatre exploit\u00e9es par des acteurs contre des sites de commerce en ligne et d\u2019actualit\u00e9s d\u00e9velopp\u00e9s \u00e0 partir de la plateforme WordPress.<\/p>\n\n\n\n<p>Les plugiciels ajoutent des fonctionnalit\u00e9s \u00e0 la plateforme, notamment la possibilit\u00e9 d\u2019optimiser des moteurs de recherche, des formulaires pour les utilisateurs, un cr\u00e9ateur de site Web, ainsi que des fonctionnalit\u00e9s de commerce \u00e9lectronique.<\/p>\n\n\n\n<p>\u00ab&nbsp;<em>En raison de facteurs tels que l&#8217;exploitabilit\u00e9 et la localisation des attaques, les probl\u00e8mes de plugins WordPress peuvent constituer une menace importante pour les organisations qui d\u00e9ploient des actifs \u00e0 risque, m\u00eame s&#8217;ils peuvent ne pas sembler \u00ab&nbsp;tr\u00e8s critiques&nbsp;\u00bb \u00e0 premi\u00e8re vue<\/em>&nbsp;\u00bb, pr\u00e9vient le rapport.<\/p>\n\n\n\n<p>Il est estim\u00e9 qu\u2019il existe des milliers de plugiciels WordPress gratuits ou payants disponibles. Cependant, tous ne sont pas con\u00e7us avec un souci pour la s\u00e9curit\u00e9 ou ne publient pas de mises \u00e0 jour de s\u00e9curit\u00e9.<\/p>\n\n\n\n<p>Les vuln\u00e9rabilit\u00e9s de ces plugiciels permettent \u00e0 des acteurs d\u2019attaquer WordPress indirectement plut\u00f4t que de cibler directement la plateforme elle-m\u00eame.<\/p>\n\n\n\n<p>\u00ab&nbsp;<em>Les professionnels de la s\u00e9curit\u00e9 devraient commencer par des vuln\u00e9rabilit\u00e9s exploitables \u00e0 distance et avoir une solution connue. Si les probl\u00e8mes de plugin WordPress affectent des actifs importants, ces vuln\u00e9rabilit\u00e9s doivent \u00eatre tri\u00e9es en premier.&nbsp;En rem\u00e9diant \u00e0 ces types de probl\u00e8mes, les organisations peuvent mieux se prot\u00e9ger contre les attaques potentielles tout en gagnant du temps puisque les donn\u00e9es de la solution sont disponibles.&nbsp;Cette approche bas\u00e9e sur les risques s&#8217;av\u00e9rera plus efficace que les mod\u00e8les traditionnels de gestion des vuln\u00e9rabilit\u00e9s bas\u00e9s sur la gravit\u00e9<\/em>&nbsp;\u00bb, a conclu le rapport.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>par Jean-Luc Doumont \u2013 Doumont 360 (Relations publiques et gestion de crise) Selon un [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":309529,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[228],"class_list":["post-309528","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-non-classifiee-2"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI\" \/>\n<meta property=\"og:description\" content=\"par Jean-Luc Doumont \u2013 Doumont 360 (Relations publiques et gestion de crise) Selon un [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"R\u00e9seau Action TI\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/Doumont360\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-20T16:17:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-20T16:17:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"426\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jean-Luc Doumont\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@jldoumont\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jean-Luc Doumont\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/\"},\"author\":{\"name\":\"Jean-Luc Doumont\",\"@id\":\"https:\\\/\\\/actionti.com\\\/#\\\/schema\\\/person\\\/70c2526e4d475a65b25b1596ff208e53\"},\"headline\":\"WordPress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021\",\"datePublished\":\"2022-01-20T16:17:36+00:00\",\"dateModified\":\"2022-01-20T16:17:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/\"},\"wordCount\":361,\"publisher\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/wordpress-gc5169a9ad_640.jpg\",\"articleSection\":[\"Non classifi\u00e9(e)\"],\"inLanguage\":\"en-CA\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/\",\"url\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/\",\"name\":\"Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/wordpress-gc5169a9ad_640.jpg\",\"datePublished\":\"2022-01-20T16:17:36+00:00\",\"dateModified\":\"2022-01-20T16:17:37+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#breadcrumb\"},\"inLanguage\":\"en-CA\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#primaryimage\",\"url\":\"https:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/wordpress-gc5169a9ad_640.jpg\",\"contentUrl\":\"https:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/wordpress-gc5169a9ad_640.jpg\",\"width\":640,\"height\":426},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/actionti.com\\\/publications\\\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/actionti.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/actionti.com\\\/#website\",\"url\":\"https:\\\/\\\/actionti.com\\\/\",\"name\":\"R\u00e9seau Action TI\",\"description\":\"Regroupement des professionnels en technologies de l\u2019information (TI)\",\"publisher\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/actionti.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-CA\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/actionti.com\\\/#organization\",\"name\":\"R\u00e9seau Action TI\",\"url\":\"https:\\\/\\\/actionti.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-CA\",\"@id\":\"https:\\\/\\\/actionti.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"http:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/Action-TI-RGB-2-couleurs.png\",\"contentUrl\":\"http:\\\/\\\/actionti.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/Action-TI-RGB-2-couleurs.png\",\"width\":4501,\"height\":4501,\"caption\":\"R\u00e9seau Action TI\"},\"image\":{\"@id\":\"https:\\\/\\\/actionti.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/actionti.com\\\/#\\\/schema\\\/person\\\/70c2526e4d475a65b25b1596ff208e53\",\"name\":\"Jean-Luc Doumont\",\"description\":\"Strat\u00e8ge communications chez Doumont360.\",\"sameAs\":[\"http:\\\/\\\/doumont360.com\",\"https:\\\/\\\/www.facebook.com\\\/Doumont360\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/doumont360\",\"https:\\\/\\\/x.com\\\/jldoumont\"],\"url\":\"https:\\\/\\\/actionti.com\\\/en\\\/publications\\\/author\\\/jldoumont\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/","og_locale":"en_US","og_type":"article","og_title":"Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI","og_description":"par Jean-Luc Doumont \u2013 Doumont 360 (Relations publiques et gestion de crise) Selon un [&hellip;]","og_url":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/","og_site_name":"R\u00e9seau Action TI","article_author":"https:\/\/www.facebook.com\/Doumont360","article_published_time":"2022-01-20T16:17:36+00:00","article_modified_time":"2022-01-20T16:17:37+00:00","og_image":[{"width":640,"height":426,"url":"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg","type":"image\/jpeg"}],"author":"Jean-Luc Doumont","twitter_card":"summary_large_image","twitter_creator":"@jldoumont","twitter_misc":{"Written by":"Jean-Luc Doumont","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#article","isPartOf":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/"},"author":{"name":"Jean-Luc Doumont","@id":"https:\/\/actionti.com\/#\/schema\/person\/70c2526e4d475a65b25b1596ff208e53"},"headline":"WordPress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021","datePublished":"2022-01-20T16:17:36+00:00","dateModified":"2022-01-20T16:17:37+00:00","mainEntityOfPage":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/"},"wordCount":361,"publisher":{"@id":"https:\/\/actionti.com\/#organization"},"image":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg","articleSection":["Non classifi\u00e9(e)"],"inLanguage":"en-CA"},{"@type":"WebPage","@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/","url":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/","name":"Wordpress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021 | R\u00e9seau Action TI","isPartOf":{"@id":"https:\/\/actionti.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#primaryimage"},"image":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg","datePublished":"2022-01-20T16:17:36+00:00","dateModified":"2022-01-20T16:17:37+00:00","breadcrumb":{"@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#breadcrumb"},"inLanguage":"en-CA","potentialAction":[{"@type":"ReadAction","target":["https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#primaryimage","url":"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg","contentUrl":"https:\/\/actionti.com\/wp-content\/uploads\/2022\/01\/wordpress-gc5169a9ad_640.jpg","width":640,"height":426},{"@type":"BreadcrumbList","@id":"https:\/\/actionti.com\/publications\/wordpress-les-vulnerabilites-de-plugiciels-ont-double-en-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/actionti.com\/en\/"},{"@type":"ListItem","position":2,"name":"WordPress | Les vuln\u00e9rabilit\u00e9s de plugiciels ont doubl\u00e9 en 2021"}]},{"@type":"WebSite","@id":"https:\/\/actionti.com\/#website","url":"https:\/\/actionti.com\/","name":"R\u00e9seau Action TI","description":"Regroupement des professionnels en technologies de l\u2019information (TI)","publisher":{"@id":"https:\/\/actionti.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/actionti.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-CA"},{"@type":"Organization","@id":"https:\/\/actionti.com\/#organization","name":"R\u00e9seau Action TI","url":"https:\/\/actionti.com\/","logo":{"@type":"ImageObject","inLanguage":"en-CA","@id":"https:\/\/actionti.com\/#\/schema\/logo\/image\/","url":"http:\/\/actionti.com\/wp-content\/uploads\/2021\/01\/Action-TI-RGB-2-couleurs.png","contentUrl":"http:\/\/actionti.com\/wp-content\/uploads\/2021\/01\/Action-TI-RGB-2-couleurs.png","width":4501,"height":4501,"caption":"R\u00e9seau Action TI"},"image":{"@id":"https:\/\/actionti.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/actionti.com\/#\/schema\/person\/70c2526e4d475a65b25b1596ff208e53","name":"Jean-Luc Doumont","description":"Strat\u00e8ge communications chez Doumont360.","sameAs":["http:\/\/doumont360.com","https:\/\/www.facebook.com\/Doumont360","https:\/\/www.linkedin.com\/company\/doumont360","https:\/\/x.com\/jldoumont"],"url":"https:\/\/actionti.com\/en\/publications\/author\/jldoumont\/"}]}},"_links":{"self":[{"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/posts\/309528","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/comments?post=309528"}],"version-history":[{"count":1,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/posts\/309528\/revisions"}],"predecessor-version":[{"id":309530,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/posts\/309528\/revisions\/309530"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/media\/309529"}],"wp:attachment":[{"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/media?parent=309528"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/actionti.com\/en\/wp-json\/wp\/v2\/categories?post=309528"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}