Projects

At ecommercethreats.com, we’re not just talking about security — we’re actively exploring how real-world threats affect websites of all sizes, and what can be done to prevent them.

Our projects are designed to uncover overlooked vulnerabilities, test existing protections, and help store owners, developers, and digital teams take practical steps toward securing their websites.

What Our Projects Focus On

Threat Identification in the Wild
We investigate how attackers exploit real websites — from unpatched plugins and third-party scripts to more subtle data exfiltration methods. Each project aims to demystify how these threats actually work in the real world.

Security by Design
We test how security best practices (like content security policies, monitoring tools, and plugin audits) actually perform on live sites — and what trade-offs store owners need to know.

Data-Driven Research
We analyse trends across platforms, plugins, and site setups to highlight patterns and vulnerabilities that are slipping through the cracks.

Plain-English Outputs
Each project is documented in accessible, action-focused language — designed to help decision-makers understand the risk and take meaningful steps without needing a technical background.

Who These Projects Are For

Store owners who want proof, not just theory
Agencies and developers looking for trusted, third-party research
Security-curious marketers and operations leads who need to make informed decisions
Anyone tired of vague blog posts that say “stay secure” without showing how

Upcoming Projects

A real-world analysis of third-party script risk across Shopify and WooCommerce stores
A simulated breach: what data can we extract from unmonitored contact forms
Testing popular security plugins — what they actually catch and what they miss
“The Forgotten Plugins” — a deep dive into abandoned plugins still running on active sites

Coming Soon

We’re currently finalising our first set of research-backed projects. Check back soon.