

Preventing Common Security Vulnerabilities

  1. Jonathan Bossenger: Let’s Code: Preventing Common Security Vulnerabilities
  2. 👋🏽 Welcome! As you join, please make sure you have your local development environment ready:
     • A local WordPress installation
     • A code editor like VSCode or Sublime
     • An insecure plugin
     • learn-plugin- security/releases/download/1.0.0/wp-learn-
     Then, let everyone know in the chat where you’re joining us from…
     Hello!
     ○ My name is Jonathan Bossenger
     ○ From Cape Town, South Africa
     ○ Developer educator at Automattic
     ○ Sponsored to work with the Training Team
  3. Let's code! Preventing Common Security Vulnerabilities. Jonathan Bossenger
  4. Announcements
     ○ Welcome, and thanks for joining!
     ○ Please let me know if you can’t see this slide!
     ○ We are presenting in focus mode, but please feel free to enable your video.
     ○ You are welcome to ask questions.
     ○ You are welcome to post questions in the chat, or unmute to ask questions.
  5. Announcements
     ○ Make sure your local install is ready
     ○ security/releases/download/1.0.0/
     ○ If I am going too fast, please let me know!
     ○ We will be posting this session to afterwards
     ○ For more WordPress focused content please visit
  6. Learning Outcomes
     1. Review common vulnerabilities - OWASP
     2. Preventing common vulnerabilities
        • SQL Injection
        • Cross-Site Scripting (XSS)
        • Cross-Site Request Forgery (CSRF)
        • Broken Access Control
     3. Bonus round
     4. Where to go to learn more
  7. Objectives
     1. Set up and review the insecure plugin
     2. Prevent any possible SQL injections
     3. Prevent any possible XSS vulnerabilities
     4. Prevent any possible CSRF vulnerabilities
     5. Find the bonus security vulnerability
  8. Let’s code.
  9. Resources
