{"id":"https://openalex.org/W2323558338","doi":"https://doi.org/10.1145/2837185.2837195","title":"WordPress security","display_name":"WordPress security","publication_year":2015,"publication_date":"2015-12-11","ids":{"openalex":"https://openalex.org/W2323558338","doi":"https://doi.org/10.1145/2837185.2837195","mag":"2323558338"},"language":"en","primary_location":{"id":"doi:10.1145/2837185.2837195","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2837185.2837195","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th International Conference on Information Integration and Web-based Applications &amp; Services","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5050267877","display_name":"Hannes Trunde","orcid":null},"institutions":[{"id":"https://openalex.org/I121760703","display_name":"University of Applied Sciences Technikum Wien","ror":"https://ror.org/04jsx0x49","country_code":"AT","type":"education","lineage":["https://openalex.org/I121760703"]}],"countries":["AT"],"is_corresponding":true,"raw_author_name":"Hannes Trunde","raw_affiliation_strings":["University of Applied Sciences Technikum Wien, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"University of Applied Sciences Technikum Wien, Vienna, Austria","institution_ids":["https://openalex.org/I121760703"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5083435816","display_name":"Edgar Weippl","orcid":"https://orcid.org/0000-0003-0665-6126"},"institutions":[{"id":"https://openalex.org/I4210167190","display_name":"SBA Research","ror":"https://ror.org/05nny6x17","country_code":"AT","type":"facility","lineage":["https://openalex.org/I4210167190"]}],"countries":["AT"],"is_corresponding":false,"raw_author_name":"Edgar Weippl","raw_affiliation_strings":["SBA Research, Vienna, Austria"],"affiliations":[{"raw_affiliation_string":"SBA Research, Vienna, Austria","institution_ids":["https://openalex.org/I4210167190"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5050267877"],"corresponding_institution_ids":["https://openalex.org/I121760703"],"apc_list":null,"apc_paid":null,"fwci":2.3838,"has_fulltext":false,"cited_by_count":13,"citation_normalized_percentile":{"value":0.91673855,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9846000075340271,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9585999846458435,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.8079160451889038},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7906023263931274},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.748376727104187},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.7341676950454712},{"id":"https://openalex.org/keywords/surprise","display_name":"Surprise","score":0.604736328125},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5938360691070557},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5531330704689026},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4730899930000305},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4265926480293274},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.2660534679889679},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.1560555100440979},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1521705985069275},{"id":"https://openalex.org/keywords/search-engine","display_name":"Search engine","score":0.08933320641517639}],"concepts":[{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.8079160451889038},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7906023263931274},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.748376727104187},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.7341676950454712},{"id":"https://openalex.org/C2780343955","wikidata":"https://www.wikidata.org/wiki/Q333173","display_name":"Surprise","level":2,"score":0.604736328125},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5938360691070557},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5531330704689026},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4730899930000305},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4265926480293274},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.2660534679889679},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.1560555100440979},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1521705985069275},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.08933320641517639},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C77805123","wikidata":"https://www.wikidata.org/wiki/Q161272","display_name":"Social psychology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2837185.2837195","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2837185.2837195","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 17th International Conference on Information Integration and Web-based Applications &amp; Services","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":34,"referenced_works":["https://openalex.org/W23242426","https://openalex.org/W125279808","https://openalex.org/W1489243061","https://openalex.org/W1648477960","https://openalex.org/W1768549948","https://openalex.org/W1861561811","https://openalex.org/W1867275324","https://openalex.org/W1948712562","https://openalex.org/W1969354810","https://openalex.org/W1979931683","https://openalex.org/W1983142587","https://openalex.org/W1987059498","https://openalex.org/W1988033384","https://openalex.org/W1997389706","https://openalex.org/W2001693166","https://openalex.org/W2008857097","https://openalex.org/W2056777262","https://openalex.org/W2059490789","https://openalex.org/W2070218579","https://openalex.org/W2081048703","https://openalex.org/W2096791889","https://openalex.org/W2144696387","https://openalex.org/W2172260321","https://openalex.org/W2545525312","https://openalex.org/W2914692020","https://openalex.org/W2962986000","https://openalex.org/W4232621723","https://openalex.org/W6636851664","https://openalex.org/W6639212904","https://openalex.org/W6646846285","https://openalex.org/W6664477340","https://openalex.org/W6681405559","https://openalex.org/W6685390734","https://openalex.org/W7042334121"],"related_works":["https://openalex.org/W3184859223","https://openalex.org/W2955734438","https://openalex.org/W2167752994","https://openalex.org/W1982746004","https://openalex.org/W2775081089","https://openalex.org/W2504194819","https://openalex.org/W2407701912","https://openalex.org/W4238821156","https://openalex.org/W2971802583","https://openalex.org/W1981942666"],"abstract_inverted_index":{"The":[0,101,190,211],"danger":[1],"of":[2,28,42,141,161,188,192,221,236,263],"SQL":[3,90],"injections":[4],"has":[5,166,177,241,247],"been":[6,99],"known":[7],"for":[8,22,32,93,198,208,213,260,280],"more":[9],"than":[10],"a":[11,205,218,269],"decade":[12],"but":[13],"injection":[14,91],"attacks":[15,34],"have":[16,98,136],"led":[17],"the":[18,29,43,52,76,121,139,142,148,159,175,186,228,234,252,257],"OWASP":[19],"top":[20,44],"10":[21,45,153],"years":[23,154],"and":[24,66,83,95,109,156,163],"still":[25,182],"are":[26,49,70,113,145],"one":[27],"major":[30,258],"reasons":[31],"devastating":[33],"on":[35],"web":[36,47],"sites.":[37],"As":[38],"about":[39],"24%":[40],"percent":[41],"million":[46],"sites":[48],"built":[50],"upon":[51],"content":[53,61],"management":[54,62],"system":[55],"WordPress,":[56],"it's":[57],"no":[58],"surprise":[59],"that":[60,138,158,173,196,216],"systems":[63],"in":[64,68,115,251],"general":[65],"WordPress":[67,94],"particular":[69],"frequently":[71],"targeted.":[72],"To":[73],"understand":[74],"how":[75],"underlying":[77,122],"security":[78,143,281],"bugs":[79,112,144],"can":[80,224],"be":[81,225,249],"discovered":[82],"exploited":[84],"by":[85,147],"attackers,":[86],"199":[87],"publicly":[88],"disclosed":[89],"exploits":[92],"its":[96],"plugins":[97],"analyzed.":[100],"steps":[102],"an":[103,238],"attacker":[104],"would":[105],"take":[106],"to":[107,117,120,248],"uncover":[108],"utilize":[110],"these":[111],"followed":[114],"order":[116],"gain":[118],"access":[119],"database":[123],"through":[124],"automated,":[125,199],"dynamic":[126,200],"vulnerability":[127,201],"scanning":[128,202],"with":[129,271],"well-known,":[130],"freely":[131],"available":[132],"tools.":[133,264],"Previous":[134],"studies":[135],"shown":[137],"majority":[140,187],"caused":[146],"same":[149],"programming":[150],"errors":[151],"as":[152],"ago":[155],"state":[157],"complexity":[160,176,235],"finding":[162],"exploiting":[164,237],"them":[165],"not":[167,178,184,242],"increased":[168],"significantly.":[169],"Furthermore,":[170],"they":[171],"claim":[172],"although":[174],"increased,":[179,243],"automated":[180],"tools":[181,197],"do":[183],"detect":[185],"bugs.":[189],"results":[191],"this":[193,214,244,261],"paper":[194],"show":[195],"only":[203,217],"play":[204],"subordinate":[206],"role":[207],"developing":[209],"exploits.":[210],"reason":[212],"is":[215,256,276],"small":[219],"percentage":[220],"attack":[222,239,245],"vectors":[223],"found":[226,250],"during":[227],"detection":[229],"phase.":[230],"So":[231],"even":[232],"if":[233],"vector":[240,246],"first":[253],"place,":[254],"which":[255],"challenge":[259],"kind":[262],"Therefore,":[265],"from":[266],"today's":[267],"perspective,":[268],"combination":[270],"manual":[272],"and/or":[273],"static":[274],"analysis":[275],"essential":[277],"when":[278],"testing":[279],"vulnerabilities.":[282]},"counts_by_year":[{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}