2024 WordPress security saw major changes with the introduction of Bug Bounty Programs like Wordfence's, enabling researchers to monetize vulnerability assessments. Despite a 68% rise in disclosed vulnerabilities in 2024, most pose low risk to site owners. The report highlights predominant threats, including Cross-Site Scripting, and urges continued vigilance and layered security approaches. Over 54 billion attacks were blocked, showcasing the necessity of proactive security measures. Site owners are advised to follow best practices and remove outdated plugins to mitigate risks.
https://www.wordfence.com/blog/2025/04/2024-annual-wordpress-security-report-by-wordfence/