Yogesh Chauhan's Blog

Review an intentionally vulnerable plugin in WordPress

in WordPress on July 2, 2021

The original posts are from Jon Cave: Review an intentionally vulnerable plugin

Review a plugin for vulnerabilities

Jon has developed a small plugin that will actually create bugs IF the plugin has security flaws.

It calls for a security review by plugin developers, along with suggestions for fixes.

Check out the GitHub repo for the code.

This plugin is made for testing purposes and should be installed and activated on your DEV or TEST environments ONLY.

The plugin is not fully developed; it was made for debugging purposes. It logs all failed login attempts.

It’s basically like breaking your site in order to find the bugs and enhance the security by removing those bugs.

Jon recommends looking at the vulnerable.php file, which has detailed functions. If you're a WordPress developer, it won't take much time to understand that code.

The log file will show you the problem and where it’s located. You need to go there and fix it.

It’s not going to magically fix your bugs but at least it makes you a better developer because once you fix those bugs, you’ll remember that for your next project.

You live, you learn!

Here are some useful posts regarding plugin security

