Yogesh Chauhan's Blog

Review an intentionally vulnerable plugin in WordPress

in WordPress on July 2, 2021

The original posts are from Jon Cave: Review an intentionally vulnerable plugin

Review a plugin for vulnerabilities

Jon has developed a small plugin that will actually create bugs IF the plugin has security flaws.

It asks plugin developers to do a security review and suggest fixes.

Check out the GitHub repo for the code.

This plugin is made for testing purposes and should be installed and activated on your DEV or TEST environments ONLY.

The plugin is not fully developed; it was made for debugging purposes. It logs all failed login attempts.

It’s basically like breaking your site in order to find the bugs and enhance the security by removing those bugs.

Jon recommends looking at the vulnerable.php file, which has detailed functions. If you’re a WordPress developer, it won’t take much time to understand that code.

The log file will show you the problem and where it’s located. You need to go there and fix it.

It’s not going to magically fix your bugs but at least it makes you a better developer because once you fix those bugs, you’ll remember that for your next project.

You live, you learn!

Here are some useful posts regarding plugin security
