The aim of this paper is to analyze the techniques for securing a Content Management System, highlighting the vulnerabilities of the WordPress platform. The study includes qualitative and quantitative analyzes on the resilience of CMS platforms to cyber-attacks, simulated by the AD Trees methodology. The data provided by CVE is used to build possible attack scenarios that could compromise the cybersecurity of the web application. At the end of the paper, in order to minimize the impact of these attacks, solutions are proposed as sets of countermeasures within the Attack-Defense Trees.
Index terms: Attack-Defense Tree, CMS, cyber-attacks, software vulnerabilities, WordPress