Yogesh Chauhan's Blog

Review an intentionally vulnerable plugin in WordPress

in WordPress on July 2, 2021

The original posts are from Jon Cave: Review an intentionally vulnerable plugin

Review a plugin for vulnerabilities

Jon has developed a small plugin that will actually create bugs IF the plugin has security flaws.

It requires a security review for plugin developers and suggestions for fixes.

Check out the GitHub repo for the code.

This plugin is made for testing purposes and should be installed and activated on your DEV or TEST environments ONLY.

The plugin is not a fully developed one but made for debugging purposes. It logs all failed login attempts.

It’s basically like breaking your site in order to find the bugs and enhance the security by removing those bugs.

Jon recommends looking at the vulnerable.php file, which has detailed functions. If you’re a WordPress developer, it won’t take much time to understand that code.

The log file will show you the problem and where it’s located. You need to go there and fix it.

It’s not going to magically fix your bugs but at least it makes you a better developer because once you fix those bugs, you’ll remember that for your next project.

You live, you learn!

Here are some useful posts regarding plugin security

