Writing Secure Plugins — WordCamp New York 2009
Mark Jaquith
How to write secure plugins, from my presentation at WordCamp New York 2009.
1. Writing Secure Plugins
   Mark Jaquith, @markjaquith, markjaquith.com, coveredwebservices.com
   Saturday, November 14, 2009

2. XSS, privilege escalation, shell execution, CSRF, SQL injection

3. Plugin security is hit-or-miss

4. Mostly miss
5. SQL Injection

6. <?php
   $wpdb->query( "UPDATE $wpdb->posts SET post_title = '$newtitle' WHERE ID = $my_id" );
   ?>

7. <?php
   $newtitle = esc_sql( $newtitle );
   $my_id = absint( $my_id );
   $wpdb->query( "UPDATE $wpdb->posts SET post_title = '$newtitle' WHERE ID = $my_id" );
   ?>

8. $wpdb->update()

9. <?php
   $wpdb->update( $wpdb->posts, array( 'post_title' => $newtitle ), array( 'ID' => $my_id ) );
   ?>

10. $wpdb->insert()

11. <?php
    $wpdb->insert( $wpdb->posts, array( 'post_title' => $newtitle ) );
    ?>

12. <?php
    $wpdb->update(
        $wpdb->posts,
        array( 'post_title' => $newtitle, 'post_content' => $newcontent ),
        array( 'ID' => $my_id, 'post_title' => $old_title )
    );
    ?>

13. <?php
    $post_title = 'New Title';
    $wheres['ID'] = 123;
    $wheres['post_title'] = 'Old Title';
    $wpdb->update( $wpdb->posts, compact( 'post_title' ), $wheres );
    ?>

14. $wpdb->prepare()

15. <?php
    $title = 'Post Title';
    $ID = 123;
    $content = $wpdb->get_var( $wpdb->prepare( "SELECT post_content FROM $wpdb->posts WHERE post_title = %s AND ID = %d", $title, $ID ) );
    ?>

16. • Uses sprintf() formatting
    • %s for strings
    • %d for integers
    • You should not quote or escape
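As an added example (not from the slides and not WordPress core code), here is the UPDATE from slides 6 to 15 run against an in-memory SQLite database through PDO, so it can be executed from the command line without WordPress. PDO bound parameters stand in for $wpdb->prepare() and $wpdb->update(); the function names update_unsafe(), update_safe() and render_placeholder(), the wp_posts table layout and the sample input are constructed for this example, and the pdo_sqlite extension is assumed to be loaded.

```php
<?php
// Added example (not from Mark Jaquith's slides): the UPDATE from slides 6-15 run
// against an in-memory SQLite database through PDO, so it runs outside WordPress.
// $wpdb is not available here; PDO's bound parameters stand in for
// $wpdb->prepare() / $wpdb->update(), which do the same job inside WordPress.
// Assumes the pdo_sqlite extension is loaded (it is in a default PHP CLI build).
declare(strict_types=1);

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE wp_posts (ID INTEGER PRIMARY KEY, post_title TEXT, post_content TEXT)');
$pdo->exec("INSERT INTO wp_posts (ID, post_title, post_content) VALUES (1, 'Hello', 'first'), (2, 'World', 'second')");

// Constructed "user input": a legitimate title that happens to contain a quote.
$newtitle = "O'Reilly's guide";
$my_id    = '1';

// Slide 6 pattern: raw input interpolated into the SQL string. The apostrophe ends
// the string literal early, so the statement is malformed; whoever controls that
// quote controls the rest of the statement.
function update_unsafe(PDO $pdo, string $newtitle, string $my_id): string
{
    try {
        $pdo->exec("UPDATE wp_posts SET post_title = '$newtitle' WHERE ID = $my_id");
        return 'ok';
    } catch (PDOException $e) {
        return 'query failed: ' . $e->getMessage();
    }
}

// Slide 15 pattern: placeholders, with the driver doing the quoting and typing.
// As with $wpdb->prepare(), no quotes go around the placeholder in the SQL text.
function update_safe(PDO $pdo, string $newtitle, string $my_id): int
{
    $stmt = $pdo->prepare('UPDATE wp_posts SET post_title = :title WHERE ID = :id');
    $stmt->bindValue(':title', $newtitle, PDO::PARAM_STR);   // the %s case
    $stmt->bindValue(':id', (int) $my_id, PDO::PARAM_INT);   // the %d / absint() case
    $stmt->execute();
    return $stmt->rowCount();
}

// Why slide 16 says "do not quote": a sprintf-style prepare adds the quotes itself.
// This helper only renders the SQL text to make that visible; it is not a
// substitute for real bound parameters.
function render_placeholder(PDO $pdo, string $sql, string $value): string
{
    return str_replace('%s', $pdo->quote($value), $sql);
}

echo update_unsafe($pdo, $newtitle, $my_id), PHP_EOL;
echo update_safe($pdo, $newtitle, $my_id), ' row(s) updated', PHP_EOL;
echo $pdo->query('SELECT post_title FROM wp_posts WHERE ID = 1')->fetchColumn(), PHP_EOL;
echo render_placeholder($pdo, 'post_title = %s', $newtitle), PHP_EOL;
echo render_placeholder($pdo, "post_title = '%s'", $newtitle), PHP_EOL;
```

Run with php sqli_demo.php: the interpolated version reports a SQL syntax error (the same malformed statement an attacker-controlled quote would produce), the bound version updates one row and the stored title comes back intact, and the last two lines show that the placeholder already carries its quotes, so wrapping it in quotes yourself turns the value into an empty string followed by stray characters.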
17. Escape late
18. XSS

19. <h1>
    <?php echo $title; ?>
    </h1>

20. <?php $title = '<script> pwnage(); </script>'; ?>
    <h1>
    <?php echo $title; ?>
    </h1>

21. Anything that isn't hardcoded is suspect

22. Better: Everything is suspect

23. (no text on this slide)

24. esc_html()

25. <?php $title = '<script> pwnage(); </script>'; ?>
    <h1>
    <?php echo esc_html( $title ); ?>
    </h1>

26. <?php $title = '" onmouseover="pwnd();'; ?>
    <a href="#wordcamp" title="<?php echo $title; ?>">
    Link Text
    </a>

27. esc_attr()

28. <?php $title = '" onmouseover="pwnd();'; ?>
    <a href="#wordcamp" title="<?php echo esc_attr( $title ); ?>">
    Link Text
    </a>

29. WRONG:
    <?php $url = 'javascript:pwnage();'; ?>
    <a href="<?php echo esc_attr( $url ); ?>">
    Link Text
    </a>

30. esc_url()

31. <?php $url = 'javascript:pwnage();'; ?>
    <a href="<?php echo esc_url( $url ); ?>">
    Link Text
    </a>

32. esc_url_raw(), sister of esc_url()

33. esc_js()

34. <script>
    var foo = '<?php echo esc_js( $bar ); ?>';
    </script>
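As an added example (not from the slides, and not WordPress core's implementation), the following stock-PHP stand-ins for the four escaping functions on slides 24 to 34 (esc_html, esc_attr, esc_url, esc_js) show from the command line why each output context needs its own escaper, using the three inputs the slides use. It also covers the pattern on slides 52 and 53, where all four appear in one template. The demo_* function names, the scheme allow-list and the render() helper are this example's own assumptions.

```php
<?php
// Added example, not from the slides: stock-PHP stand-ins for esc_html(),
// esc_attr(), esc_url() and esc_js() (slides 24-34) so their effect can be seen
// without WordPress. The demo_* names and exact behaviour are this example's
// assumptions, not WordPress core's code.
declare(strict_types=1);

// HTML body and attribute contexts: encode the HTML metacharacters. The WordPress
// functions differ mainly in the filter hooks they run; the encoding is the same idea.
function demo_esc_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
function demo_esc_attr(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// URL context: attribute escaping is not enough (slide 29) because "javascript:"
// contains nothing htmlspecialchars() touches. A scheme allow-list is needed.
function demo_esc_url(string $url): string
{
    // Drop control characters and whitespace before looking at the scheme, so a
    // scheme broken up by such characters cannot slip past the check.
    $url = preg_replace('/[\x00-\x20\x7f]+/', '', trim($url));
    if ($url === '') {
        return '';
    }
    $allowed = ['http', 'https', 'mailto', 'ftp'];   // assumed allow-list
    if (preg_match('#^([a-z][a-z0-9+.\-]*):#i', $url, $m)
        && !in_array(strtolower($m[1]), $allowed, true)) {
        return '';   // unknown scheme: emit nothing rather than a live link
    }
    return demo_esc_attr($url);
}

// JavaScript string context: backslash-escape quotes, backslashes and line
// terminators so the value cannot close the string literal, and escape "/" so a
// "</script>" inside the value cannot close the script block.
function demo_esc_js(string $s): string
{
    $s = addcslashes($s, "\\'\"\r\n");
    return str_replace('/', '\\/', $s);
}

// Each row renders one of the slide templates with the matching escaper.
function render(string $ctx, string $in): string
{
    switch ($ctx) {
        case 'html': return '<h1>' . demo_esc_html($in) . '</h1>';
        case 'attr': return '<a href="#wordcamp" title="' . demo_esc_attr($in) . '">Link Text</a>';
        case 'url':  return '<a href="' . demo_esc_url($in) . '">Link Text</a>';
        case 'js':   return "<script>var foo = '" . demo_esc_js($in) . "';</script>";
    }
    throw new InvalidArgumentException("unknown context: $ctx");
}

// Constructed inputs: the three from slides 20, 26 and 29, a legitimate fragment
// link, and a string that would otherwise end both the JS literal and the script tag.
$cases = [
    ['html', '<script> pwnage(); </script>'],
    ['attr', '" onmouseover="pwnd();'],
    ['url',  'javascript:pwnage();'],
    ['url',  '#wordcamp'],
    ['js',   "O'Reilly </script>"],
];

foreach ($cases as [$ctx, $in]) {
    echo str_pad($ctx, 5), '| ', render($ctx, $in), PHP_EOL;
}
```

The html and attr rows come out with the angle brackets and quotes encoded, so the browser shows them as text; the javascript: URL row renders an empty href while the #wordcamp row survives unchanged, which is the difference between esc_attr() and esc_url() on slides 29 to 31; and the js row shows the apostrophe and the slash of </script> backslash-escaped, so the string literal and the script block both stay intact.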
35. CSRF

36. Authorization vs. Intention

37. Nonces: action-, object-, user-specific, time-limited secret keys

38. Specific to:
    • WordPress user
    • Action attempted
    • Object of attempted action
    • Time window

39. wp_nonce_field()

40. <form action="process.php" method="post">
    <?php wp_nonce_field( 'plugin-action_object' ); ?>
    ...
    </form>

41. check_admin_referer()

42. <?php
    // before output goes to browser
    check_admin_referer( 'plugin-action_object' );
    ?>

43. Still need to use current_user_can()

44. AJAX CSRF

45. • wp_create_nonce( 'your_action' );
    • &_ajax_nonce=YOUR_NONCE
    • check_ajax_referer( 'your_action' );

46. Privilege Escalation

47. current_user_can()
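As an added example (not from the slides and not WordPress core's code), here is a minimal reimplementation in stock PHP of the nonce scheme described on slides 37 to 45, together with the point of slides 43 and 47 that a valid nonce proves intent, not permission. It can be run from the command line without WordPress. The names demo_create_nonce(), demo_verify_nonce() and demo_handle_delete(), the secret, the 24-hour lifetime, the two-tick acceptance window and the users and requests are this example's assumptions, chosen to mirror the shape of wp_create_nonce() / wp_verify_nonce() and current_user_can().

```php
<?php
// Added example, not from the slides: a stock-PHP stand-in for WordPress nonces
// (slides 37-45) plus the capability check of slides 43/47. All names, the secret,
// the lifetime and the sample data are this example's assumptions, not core code.
declare(strict_types=1);

const DEMO_NONCE_LIFE   = 24 * 60 * 60;   // assumed: seconds a nonce stays valid
// In WordPress the key material comes from the salts in wp-config.php (slide 48).
const DEMO_NONCE_SECRET = 'constructed-demo-secret-use-a-real-salt';

// The clock is divided into half-lifetime "ticks"; a nonce made late in one tick is
// still accepted during the next, so every nonce lives between 12 and 24 hours.
function demo_nonce_tick(int $now): int
{
    return (int) ceil($now / (DEMO_NONCE_LIFE / 2));
}

// Bound to action (which includes the object, e.g. "plugin-delete_123"), user and tick.
function demo_create_nonce(string $action, int $user_id, int $now): string
{
    $tick = demo_nonce_tick($now);
    return substr(hash_hmac('sha256', "$tick|$action|$user_id", DEMO_NONCE_SECRET), -12);
}

// Returns 1 if created in the current tick, 2 for the previous tick, false otherwise.
// This is the check that check_admin_referer() / check_ajax_referer() perform on the
// _wpnonce or _ajax_nonce request field.
function demo_verify_nonce(string $nonce, string $action, int $user_id, int $now)
{
    $tick = demo_nonce_tick($now);
    foreach ([1 => $tick, 2 => $tick - 1] as $age => $t) {
        $expected = substr(hash_hmac('sha256', "$t|$action|$user_id", DEMO_NONCE_SECRET), -12);
        if (hash_equals($expected, $nonce)) {
            return $age;
        }
    }
    return false;
}

// Slide 43: the nonce proves the request was intended; current_user_can() (here a
// capability-list lookup) decides whether the user is allowed to do it. Check both.
function demo_handle_delete(array $request, array $user, int $now): string
{
    $post_id = (int) ($request['post_id'] ?? 0);
    $action  = "plugin-delete_$post_id";   // action- and object-specific, as on slide 40
    $nonce   = (string) ($request['_wpnonce'] ?? '');
    if (demo_verify_nonce($nonce, $action, $user['id'], $now) === false) {
        return "post $post_id: rejected, bad or expired nonce";
    }
    if (!in_array('delete_posts', $user['caps'], true)) {
        return "post $post_id: rejected, insufficient capability";
    }
    return "post $post_id: deleted";
}

// Constructed users and a constructed timestamp (14 November 2009, 12:00 UTC).
$editor     = ['id' => 7, 'caps' => ['edit_posts', 'delete_posts']];
$subscriber = ['id' => 9, 'caps' => ['read']];
$now        = 1258200000;

$nonce = demo_create_nonce('plugin-delete_123', $editor['id'], $now);
echo demo_handle_delete(['post_id' => 123, '_wpnonce' => $nonce], $editor, $now), PHP_EOL;
echo demo_handle_delete(['post_id' => 124, '_wpnonce' => $nonce], $editor, $now), PHP_EOL;
echo demo_handle_delete(['post_id' => 123, '_wpnonce' => $nonce], $subscriber, $now), PHP_EOL;
echo demo_handle_delete(['post_id' => 123, '_wpnonce' => $nonce], $editor, $now + 2 * DEMO_NONCE_LIFE), PHP_EOL;
$sub_nonce = demo_create_nonce('plugin-delete_123', $subscriber['id'], $now);
echo demo_handle_delete(['post_id' => 123, '_wpnonce' => $sub_nonce], $subscriber, $now), PHP_EOL;
```

Of the five requests only the first succeeds: the second reuses the nonce against a different object, the third presents the editor's nonce as a different user, the fourth arrives after the time window has closed, and the fifth carries a perfectly valid nonce for a user who lacks the capability. That last case is the one slide 43 warns about: a nonce check alone would have let it through.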
48. Set your salts!
    http://api.wordpress.org/secret-key/1.1/

49. Stupid shit I see all the time

50. exec()

51. <form action="<?php echo $_SERVER['REQUEST_URI']; ?>">

52. <a href="<?php echo $url; ?>" title="<?php echo $title; ?>">
    <?php echo $text; ?>
    </a>
    <script>
    var foo = '<?php echo $js; ?>';
    </script>

53. <a href="<?php echo esc_url( $url ); ?>" title="<?php echo esc_attr( $title ); ?>">
    <?php echo esc_html( $text ); ?>
    </a>
    <script>
    var foo = '<?php echo esc_js( $js ); ?>';
    </script>

54. Discussion