SlideShare ist ein Scribd-Unternehmen logo

Extending WordPress: common security vulnerabilities

Als PPTX, PDF herunterladen
Jonathan Bossenger
Jonathan Bossenger

In the plugin security best practices tutorial we covered the 5 top ways you can ensure your plugin is developed securely. However, it's important to understand why you need to follow these principles. In this tutorial, we will cover the top 3 Common Vulnerabilities that are found in plugins, and how to use the practices taught in the previous tutorial to combat them.

Technologie
1 von 4
Confidential Customized for Lorem Ipsum LLC Version 1.0 Jonathan Bossenger Extending WordPress: Common security vulnerabilities Learn.WordPress.org
Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org What you will learn 1. Common vulnerabilities to consider 2. Examples of how to prevent each type of vulnerability 3. Where to find more information
Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org 5 security principles 1. Sanitizing input 2. Data validation 3. Escaping output 4. Preventing untrusted requests 5. Checking user capabilities
Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org Common Vulnerabilities 1. SQL Injection - values are not properly sanitized for SQL commands

Empfohlen

New WordPress Developer APIs The Interactivity API
New WordPress Developer APIs The Interactivity APINew WordPress Developer APIs The Interactivity API
New WordPress Developer APIs The Interactivity API
Jonathan Bossenger
 
The WordPress HTML API
The WordPress HTML APIThe WordPress HTML API
The WordPress HTML API
Jonathan Bossenger
 
The WordPress Create Block tool
The WordPress Create Block toolThe WordPress Create Block tool
The WordPress Create Block tool
Jonathan Bossenger
 
PHP compatibility testing with PHPCompatibilityWP
PHP compatibility testing with PHPCompatibilityWPPHP compatibility testing with PHPCompatibilityWP
PHP compatibility testing with PHPCompatibilityWP
Jonathan Bossenger
 
Common WordPress APIs_ Settings API
Common WordPress APIs_ Settings APICommon WordPress APIs_ Settings API
Common WordPress APIs_ Settings API
Jonathan Bossenger
 
Common WordPress APIs - Options API
Common WordPress APIs - Options APICommon WordPress APIs - Options API
Common WordPress APIs - Options API
Jonathan Bossenger
 
Common WordPress APIs_ HTTP API.pptx
Common WordPress APIs_ HTTP API.pptxCommon WordPress APIs_ HTTP API.pptx
Common WordPress APIs_ HTTP API.pptx
Jonathan Bossenger
 
Common WordPress APIs: Metadata
Common WordPress APIs: MetadataCommon WordPress APIs: Metadata
Common WordPress APIs: Metadata
Jonathan Bossenger
 

Empfohlen

New WordPress Developer APIs The Interactivity API
New WordPress Developer APIs The Interactivity APINew WordPress Developer APIs The Interactivity API
New WordPress Developer APIs The Interactivity API
Jonathan Bossenger
 
The WordPress HTML API
The WordPress HTML APIThe WordPress HTML API
The WordPress HTML API
Jonathan Bossenger
 
The WordPress Create Block tool
The WordPress Create Block toolThe WordPress Create Block tool
The WordPress Create Block tool
Jonathan Bossenger
 
PHP compatibility testing with PHPCompatibilityWP
PHP compatibility testing with PHPCompatibilityWPPHP compatibility testing with PHPCompatibilityWP
PHP compatibility testing with PHPCompatibilityWP
Jonathan Bossenger
 
Common WordPress APIs_ Settings API
Common WordPress APIs_ Settings APICommon WordPress APIs_ Settings API
Common WordPress APIs_ Settings API
Jonathan Bossenger
 
Common WordPress APIs - Options API
Common WordPress APIs - Options APICommon WordPress APIs - Options API
Common WordPress APIs - Options API
Jonathan Bossenger
 
Common WordPress APIs_ HTTP API.pptx
Common WordPress APIs_ HTTP API.pptxCommon WordPress APIs_ HTTP API.pptx
Common WordPress APIs_ HTTP API.pptx
Jonathan Bossenger
 
Common WordPress APIs: Metadata
Common WordPress APIs: MetadataCommon WordPress APIs: Metadata
Common WordPress APIs: Metadata
Jonathan Bossenger
 
What’s new for developers_ (August 2023).pptx
What’s new for developers_ (August 2023).pptxWhat’s new for developers_ (August 2023).pptx
What’s new for developers_ (August 2023).pptx
Jonathan Bossenger
 
Testing your plugins for PHP version compatibility
Testing your plugins for PHP version compatibilityTesting your plugins for PHP version compatibility
Testing your plugins for PHP version compatibility
Jonathan Bossenger
 
Common WordPress APIs_ Global Variables
Common WordPress APIs_ Global VariablesCommon WordPress APIs_ Global Variables
Common WordPress APIs_ Global Variables
Jonathan Bossenger
 
Common WordPress APIs_ Internationalization
Common WordPress APIs_ InternationalizationCommon WordPress APIs_ Internationalization
Common WordPress APIs_ Internationalization
Jonathan Bossenger
 
Testing WordPress 6.3 - Developer edition
Testing WordPress 6.3 - Developer editionTesting WordPress 6.3 - Developer edition
Testing WordPress 6.3 - Developer edition
Jonathan Bossenger
 
Common WordPress APIs: Responsive Images
Common WordPress APIs: Responsive ImagesCommon WordPress APIs: Responsive Images
Common WordPress APIs: Responsive Images
Jonathan Bossenger
 
Common WordPress APIs - Dashboard Widgets
Common WordPress APIs - Dashboard WidgetsCommon WordPress APIs - Dashboard Widgets
Common WordPress APIs - Dashboard Widgets
Jonathan Bossenger
 
Custom Tables in WordPress
Custom Tables in WordPressCustom Tables in WordPress
Custom Tables in WordPress
Jonathan Bossenger
 
The WordPress Database
The WordPress DatabaseThe WordPress Database
The WordPress Database
Jonathan Bossenger
 
WordPress Coding Standards
WordPress Coding StandardsWordPress Coding Standards
WordPress Coding Standards
Jonathan Bossenger
 
Managing a WordPress Multisite Network
Managing a WordPress Multisite NetworkManaging a WordPress Multisite Network
Managing a WordPress Multisite Network
Jonathan Bossenger
 
Debugging in WordPress
Debugging in WordPressDebugging in WordPress
Debugging in WordPress
Jonathan Bossenger
 
Testing plugins for PHP 8
Testing plugins for PHP 8Testing plugins for PHP 8
Testing plugins for PHP 8
Jonathan Bossenger
 
Introduction to WordPress Multisite Networks
Introduction to WordPress Multisite NetworksIntroduction to WordPress Multisite Networks
Introduction to WordPress Multisite Networks
Jonathan Bossenger
 
Developing for multisite
Developing for multisiteDeveloping for multisite
Developing for multisite
Jonathan Bossenger
 
Custom Post Types and Capabilities.pptx
Custom Post Types and Capabilities.pptxCustom Post Types and Capabilities.pptx
Custom Post Types and Capabilities.pptx
Jonathan Bossenger
 
Developing WordPress User Roles and Capabilities
Developing WordPress User Roles and CapabilitiesDeveloping WordPress User Roles and Capabilities
Developing WordPress User Roles and Capabilities
Jonathan Bossenger
 
Let's code: WordPress multisite experiments
Let's code: WordPress multisite experimentsLet's code: WordPress multisite experiments
Let's code: WordPress multisite experiments
Jonathan Bossenger
 
Creating a WordPress multisite network
Creating a WordPress multisite networkCreating a WordPress multisite network
Creating a WordPress multisite network
Jonathan Bossenger
 
WP REST API - custom routes and endpoints
WP REST API - custom routes and endpointsWP REST API - custom routes and endpoints
WP REST API - custom routes and endpoints
Jonathan Bossenger
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
 

Weitere ähnliche Inhalte

Mehr von Jonathan Bossenger

Mehr von Jonathan Bossenger (20)

What’s new for developers_ (August 2023).pptx
What’s new for developers_ (August 2023).pptxWhat’s new for developers_ (August 2023).pptx
What’s new for developers_ (August 2023).pptx
 
Testing your plugins for PHP version compatibility
Testing your plugins for PHP version compatibilityTesting your plugins for PHP version compatibility
Testing your plugins for PHP version compatibility
 
Common WordPress APIs_ Global Variables
Common WordPress APIs_ Global VariablesCommon WordPress APIs_ Global Variables
Common WordPress APIs_ Global Variables
 
Common WordPress APIs_ Internationalization
Common WordPress APIs_ InternationalizationCommon WordPress APIs_ Internationalization
Common WordPress APIs_ Internationalization
 
Testing WordPress 6.3 - Developer edition
Testing WordPress 6.3 - Developer editionTesting WordPress 6.3 - Developer edition
Testing WordPress 6.3 - Developer edition
 
Common WordPress APIs: Responsive Images
Common WordPress APIs: Responsive ImagesCommon WordPress APIs: Responsive Images
Common WordPress APIs: Responsive Images
 
Common WordPress APIs - Dashboard Widgets
Common WordPress APIs - Dashboard WidgetsCommon WordPress APIs - Dashboard Widgets
Common WordPress APIs - Dashboard Widgets
 
Custom Tables in WordPress
Custom Tables in WordPressCustom Tables in WordPress
Custom Tables in WordPress
 
The WordPress Database
The WordPress DatabaseThe WordPress Database
The WordPress Database
 
WordPress Coding Standards
WordPress Coding StandardsWordPress Coding Standards
WordPress Coding Standards
 
Managing a WordPress Multisite Network
Managing a WordPress Multisite NetworkManaging a WordPress Multisite Network
Managing a WordPress Multisite Network
 
Debugging in WordPress
Debugging in WordPressDebugging in WordPress
Debugging in WordPress
 
Testing plugins for PHP 8
Testing plugins for PHP 8Testing plugins for PHP 8
Testing plugins for PHP 8
 
Introduction to WordPress Multisite Networks
Introduction to WordPress Multisite NetworksIntroduction to WordPress Multisite Networks
Introduction to WordPress Multisite Networks
 
Developing for multisite
Developing for multisiteDeveloping for multisite
Developing for multisite
 
Custom Post Types and Capabilities.pptx
Custom Post Types and Capabilities.pptxCustom Post Types and Capabilities.pptx
Custom Post Types and Capabilities.pptx
 
Developing WordPress User Roles and Capabilities
Developing WordPress User Roles and CapabilitiesDeveloping WordPress User Roles and Capabilities
Developing WordPress User Roles and Capabilities
 
Let's code: WordPress multisite experiments
Let's code: WordPress multisite experimentsLet's code: WordPress multisite experiments
Let's code: WordPress multisite experiments
 
Creating a WordPress multisite network
Creating a WordPress multisite networkCreating a WordPress multisite network
Creating a WordPress multisite network
 
WP REST API - custom routes and endpoints
WP REST API - custom routes and endpointsWP REST API - custom routes and endpoints
WP REST API - custom routes and endpoints
 

Kürzlich hochgeladen

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 

Extending WordPress: common security vulnerabilities

  • 1. Confidential Customized for Lorem Ipsum LLC Version 1.0 Jonathan Bossenger Extending WordPress: Common security vulnerabilities Learn.WordPress.org
  • 2. Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org What you will learn 1. Common vulnerabilities to consider 2. Examples of how to prevent each type of vulnerability 3. Where to find more information
  • 3. Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org 5 security principles 1. Sanitizing input 2. Data validation 3. Escaping output 4. Preventing untrusted requests 5. Checking user capabilities
  • 4. Confidential Customized for Lorem Ipsum LLC Version 1.0 Learn.WordPress.org Common Vulnerabilities 1. SQL Injection - values are not properly sanitized for SQL commands

Hinweis der Redaktion

  1. TITLE SLIDE: Make a copy of this presentation to your Google Drive, and edit to replace with your details.
  2. TITLE SLIDE: Make a copy of this presentation to your Google Drive, and edit to replace with your details.
  3. TITLE SLIDE: Make a copy of this presentation to your Google Drive, and edit to replace with your details.
  4. TITLE SLIDE: Make a copy of this presentation to your Google Drive, and edit to replace with your details.