The aim of this paper is to analyze the techniques for securing a Content Management System, highlighting the vulnerabilities of the WordPress platform. The study includes qualitative and quantitative analyzes on the resilience of CMS platforms to cyber-attacks, simulated by the AD Trees methodology. The data provided by CVE is used to build possible attack scenarios that could compromise the cybersecurity of the web application. At the end of the paper, in order to minimize the impact of these attacks, solutions are proposed as sets of countermeasures within the Attack-Defense Trees.
Index terms: Attack-Defense Tree, CMS, cyber-attacks, software vulnerabilities, WordPress
- UK bans Chinese CCTV cameras at ‘sensitive’ government locations - 26 November 2022
- Chrome Update: Exploited Zero-Day Vulnerability fixed by Google, the 8th this year - 25 November 2022
- RESEARCH: analytics information related to iPhones include a Directory Services Identifier (DSID) that may be used to identify users - 24 November 2022