WordPress Version Survey

A while ago I saw the blog version survey at BlogSecurity.net and got an idea to do my own. The previous survey is more than 8 months old and several new WordPress version have been released since then, so I think a new study is in order 🙂

I collected a large list of WordPress blogs by searching for common WP footprints on Google. Then I used a simple PHP script to determine what version of WordPress they were running. After filtering out invalid results and blogs that hide their version info, I arrived at a list of 1331 WordPress blogs to use in this survey.

The results are displayed below.

WordPress Version Popularity (Summary)

Version Blogs %
WordPress 2.4 – 2.5 23 1,7%
WordPress 2.3.x 772 58,0%
WordPress 2.2.x 246 18,5%
WordPress 2.1.x 103 7,7%
WordPress 2.0.x 126 9,5%
WordPress 1.5.x 26 2,0%
Other 35 2,6%

As you can see, around 40% of the surveyed blogs still use versions older than the 2.3.x branch. This is dangerous, because there are many known vulnerabilities and exploits for old versions of WP.

Below is a more detailed table for those who aren’t satisfied with the above summary.

Detailed WordPress Version Data

Version Blogs
WordPress/2.5-beta1 7
WordPress/2.4-bleeding 1
WordPress 2.5-beta1 9
WordPress 2.4-bleeding 6
WordPress 2.3.3 402
WordPress 2.3.2 170
WordPress 2.3.1 160
WordPress 2.3 40
WordPress 2.2.3 36
WordPress 2.2.2 60
WordPress 2.2.1-RC2 2
WordPress 2.2.1 74
WordPress 2.2 74
WordPress 2.1.3 34
WordPress 2.1.2 31
WordPress 2.1.1 5
WordPress 2.1 33
WordPress 2.0.9 2
WordPress 2.0.7 7
WordPress 2.0.6 5
WordPress 2.0.5 24
WordPress 2.0.4 23
WordPress 2.0.3 10
WordPress 2.0.2 31
WordPress 2.0.11 3
WordPress 2.0.10 4
WordPress 2.0.1 4
WordPress 2.0 12
WordPress 2 1
WordPress 1.5.3-beta1 2
WordPress 1.5.2 12
WordPress 1.5.1.3 4
WordPress 1.5.1.2 1
WordPress 1.5 7
WordPress 1.2.2 1
WordPress 1.2.1 1
WordPress 1.2-beta 1
WordPress 1.2 3
WordPress 1.0.2 1
WordPress* 28

* Blogs that didn’t disclose a version number; just “WordPress”.

Related posts :

2 Responses to “WordPress Version Survey”

  1. ejm says:

    Please correct me if I’m wrong, but WordPress 2.0.11 (the “legacy” version) is stable and is still considered to be safe to use.

  2. White Shadow says:

    I haven’t seen any exploits targeted at that version specifically, but something like this might still apply in certain cases.

    Anyway, I’m not a WP security expert 😉

Leave a Reply