wordpress.com versus other wordpress hosting

  • Unknown's avatar
    twinsenw · Member ·

    I wanted to ask the wordpress sales team this question before purchasing but I guess I have to ask in the community forums?

    So my company had wordpress hosting on one of those sites like bluehost, godddy or some other junk. They discovered a vulnerability in one of the plugins:

    ‘a plugin had security gap that allowed any attacker to RCE (remote code execution). One of the attackers contacted us and showed that he was able to create another administrator user without any of our consent.’

    Would hosting at wordpress.com be any different and prevent an issue like this? We’re interested in the business plan. What are the security differences? If we installed the same plugin in wordpress.com would we be similarly vulnerable.

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    josefhtest · Member ·

    Hi there @twinsenw

    I totally get your concern. I’ve had similar issues with self-hosted WordPress sites in the past,and it totally makes sense to check on those securities issue before dive in.

    Hosting with WordPress.com (especially on the  Business plan) is a bit different from traditional hosting providers. All sites benefit from our managed hosting infrastructure, which includes automatic core updates, active monitoring for known plugin vulnerabilities, and multiple layers of built-in security like firewalls, DDoS protection, and secure authentication.

    If you get the Business plan or higher, you can install third-party plugins . That said, while we do offer a secure environment, installing a plugin that has a known vulnerability can still carry risks — especially if it’s not actively maintained or hasn’t been updated in a while. But one important thing to note is that WordPress.com already includes a lot of built-in functionality. In many cases, you might not need third-party plugins at all unless it’s for something very specific. And if you’re unsure whether a plugin is secure or actively maintained, our support team is available 24/7 to take a look and help you assess it before you install anything.

    Here’s some helpful documentation for reference:

    To help us guide you better:

    • Do you remember which plugin caused the vulnerability?
    • Are you planning to replicate your current site setup here or simplify it?
    • Will multiple people be managing the site?

    Let us know — happy to help you explore a safer and more reliable setup.

  • The topic ‘wordpress.com versus other wordpress hosting’ is closed to new replies.