Key Takeaways
- 35.9% of all websites use a known CMS (up from 34.8% in 2023), according to BuiltWith’s web technology survey
- 43.6% of all websites run on WordPress, according to BuiltWith’s latest web technology trends
- 7.0% of all websites use Shopify, according to BuiltWith’s web technology survey
- 21.4% of all websites use Google Analytics (UA/GA4), according to BuiltWith’s analytics adoption trends
- 16.9% of all websites use Google Tag Manager, according to BuiltWith’s tag management adoption trends
- 54% of breaches involve the exploitation of a vulnerability with known patch information (2023), per Verizon’s 2024 Data Breach Investigations Report
- 1,000+ vulnerable third-party scripts were detected on 79% of websites in a study of web ecosystems published by Sucuri in 2024 (sample-based findings)
- 93% of online experiences begin with a search engine, per Similarweb’s industry research summary citing multiple sources (commonly reported in Similarweb’s marketing/SEO materials for 2024)
- 34% of website visits are abandoned if pages take longer than 3 seconds to load, per a Google/industry performance research compilation from Think with Google (citing industry studies)
- The median page weight was 2,350 KB in 2024 (HTTP Archive Page Weight report, measured from Alexa/HTTP Archive crawl samples)
- About 1.2% of pages in Chrome User Experience data have CLS (Cumulative Layout Shift) issues exceeding recommended thresholds (reported in Google CrUX guidance and aggregated dashboards for 2024)
- Organizations that fully deployed security automation and orchestration had a 6% lower breach cost in 2023 (IBM Security Cost of a Data Breach Report 2023)
- Google found that when DNS lookup time increases, overall page load impacts conversion; internal testing shows a 500 ms delay can reduce conversions by 20% (Google study published in Think with Google materials)
- The average cost per hour of website downtime is estimated at $5,600 in 2024 (Gartner/industry downtime cost surveys summarized in industry press; cited by Uptime Institute and other sources)
- 33% of websites are detected to have at least one outdated dependency vulnerable to known CVEs (2024 dependency scanning report with measured vulnerable component prevalence).
More websites rely on popular tools like WordPress and Google Analytics, yet security risks from vulnerable code and downtime costs grow.
Related reading
01 · Category
Market Size12 stats
Market Size Interpretation
02 · Category
User Adoption2 stats
User Adoption Interpretation
03 · Category
Risk & Security2 stats
Risk & Security Interpretation
04 · Category
Industry Trends1 stats
Industry Trends Interpretation
More related reading
05 · Category
Performance Metrics3 stats
Performance Metrics Interpretation
06 · Category
Cost Analysis4 stats
Cost Analysis Interpretation
07 · Category
Security Trends1 stats
Security Trends Interpretation
08 · Category
Cyber Risk1 stats
Cyber Risk Interpretation
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
Daniel Varga. (2026, February 13). Sites Statistics. Gitnux. https://gitnux.org/sites-statistics
Daniel Varga. "Sites Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/sites-statistics.
Daniel Varga. 2026. "Sites Statistics." Gitnux. https://gitnux.org/sites-statistics.
Sources & references
26 datasets cited across this report · attribution is report-level
+11 additional datasets cited (not shown individually)

