Plugin Security

Brad Parbs

July 26, 2014


  1. “20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks. This amounts to nearly 8 million downloads of vulnerable plugins.” Checkmarx, an application security company
  2. define( 'WP_DEBUG', true );
     define( 'WP_DEBUG_DISPLAY', false );
     define( 'WP_DEBUG_LOG', true );
     define( 'SCRIPT_DEBUG', true );
     define( 'WP_CACHE', false );
  3. sanitize_email()
     sanitize_file_name()
     sanitize_html_class()
     sanitize_key()
     sanitize_meta()
     sanitize_mime_type()
     sanitize_option()
     sanitize_sql_orderby()
     sanitize_post_field()
     sanitize_text_field()
     sanitize_title()
     sanitize_title_for_query()
     sanitize_title_with_dashes()
     sanitize_user()