Quality of WordPress Plug-Ins: An Overview of Security and User Ratings

机译：WordPress插件的质量：安全和用户评级的概述

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

We have applied static analysis to find out how vulnerable the plugins available at the official Word Press plug in directory are to well known security exploits. We have compared the amount of potential vulnerabilities and vulnerability density to the user ratings, to determine if user ratings can be used for finding secure plugins. We conclude that the quality of the plugins varies and there is no clear correlation between the ratings of plugins and the number of vulnerabilities detected in them. Indeed, an additional manual review exposed a simple but severe SQL injection vulnerability in a plug in, which has both good user ratings and a high download count. We recommend plugins to be individually inspected for typical vulnerabilities before using them in any Word Press powered site.

机译：我们已经应用了静态分析，以了解官方Word中可用的插件在目录中的插件是多么脆弱的是众所周知的安全漏洞。我们已经将潜在漏洞和漏洞密度与用户额定值进行了比较，以确定用户额定值是否可用于查找安全插件。我们得出的结论是，插件的质量有所不同，插件的额定值与它们中检测到的漏洞数量之间没有明确的相关性。实际上，额外的手动审查暴露了一个简单但严重的SQL注射漏洞，它具有良好的用户评分和高下载计数。我们建议在任何单词按下Powered Site中使用它们之前为典型漏洞进行单独检查插件。

著录项

来源
《ASE/IEEE International Conference on Privacy, Security, Risk and Trust;ASE/IEEE International Conference on Social Computing;Workshop on Context-Based Affect Recognition;Workshop on Security and Privacy in Social Networks;Workshop on Exploring Stances in Interactions;Workshop on Social Media for Human Computation;Workshop on Wide Spectrum Social Signal Processing》|2012年||共4页
会议地点
作者
Koskinen Teemu; Ihantola Petri; Karavirta Ville;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP393.08-53;
关键词
plugins; security; static analysis; user ratings; wordpress;

机译：插件;安全;静态分析;用户评分;WordPress;

相似文献

外文文献
中文文献
专利

1. Five-star or thumbs-up? The influence of rating system types on users' perceptions of information quality, cognitive effort, enjoyment and continuance intention [J] . Chen Chi-Wen Internet Research: Electronic Networking Applications and Policy . 2017,第3期

机译：五星或竖起大拇指？评级系统类型对信息质量，认知努力，享受和持续意图的影响
2. Accessibility, Security, Trust, Service Quality, and Satisfaction the Most Significant Antecedents Affects Online Banking Users [J] . Esmail Alekam Jamal Mohammed, Mohd. Mokhtar Sany Sanuri bin, Salleh Salniza Bt Md. Journal of computational and theoretical nanoscience . 2019,第12期

机译：可访问性，安全性，信任，服务质量和满意度最重要的前书会影响网上银行用户
3. Quality ratings of reviews in overviews: a comparison of reviews with and without dual (co-)authorship [J] . Dawid Pieper, Andreas Waltering, Jakob Holstiege, Systematic Reviews . 2018,第1期

机译：概述中评论的质量评级：具有和不具有双重（共同）作者身份的评论的比较
4. Quality of WordPress Plug-Ins: An Overview of Security and User Ratings [C] . Koskinen Teemu, Ihantola Petri, Karavirta Ville 2012 ASE/IEEE International Conference on Privacy, Security, Risk and Trust and 2012 ASE/IEEE International Conference on Social Computing. . 2012

机译：WordPress插件的质量：安全性和用户等级概述
5. Visualizing Users, User Communities, and Usage Trends in Complex Information Systems Using Implicit Rating Data [D] . Kim, Seonho. 2008

机译：使用隐式评级数据可视化复杂信息系统中的用户，用户社区和使用趋势
6. Quality ratings of reviews in overviews: a comparison of reviews with and without dual (co-)authorship [O] . Dawid Pieper, Andreas Waltering, Jakob Holstiege, 2018

机译：概述中评论的质量评级：具有和不具有双重（共同）作者身份的评论的比较
7. Quality Of WordPress Plug-Ins: An Overview of Security and User Ratings [O] . Teemu Koskinen, Petri Ihantola, Ville Karavirta 2014

机译：Wordpress插件的质量：安全性和用户评级概述

Quality of WordPress Plug-Ins: An Overview of Security and User Ratings

摘要

著录项

相似文献

相关主题

期刊订阅