The (Un)usual Suspects – Studying Reasons for Lacking Updates in WordPress
Maria Hellenthal
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Web Security
In the realm of cybersecurity, the perennial challenge of keeping software up-to-date remains one of the most critical yet frequently overlooked aspects of defense. Maria Hellenthal's talk, "The (Un)usual Suspects – Studying Reasons for Lacking Updates in WordPress," delivered at the NDSS Symposium, delves into the complex human factors behind the widespread phenomenon of outdated Content Management Systems (CMS). This presentation highlights a significant security gap: despite the well-known risks associated with unpatched software, a substantial portion of websites, particularly those built on popular platforms like WordPress, continue to operate with known vulnerabilities.
AI review
Solid academic work that applies grounded theory to a real and understudied problem — why WordPress sites stay unpatched. The novel findings around 'website value' and informal delegation dynamics are genuinely useful contributions to the human factors literature, even if they won't make an exploit developer's pulse quicken.