If you’re a coder, you might not keep up with the latest vulnerabilities and data breaches. One of the most common exploits is SQL injection. PHP developers often build SQL…
Secure coding
PHP is probably one of the most vulnerable languages for SQL injection (SQLi), mainly because many developers build queries dynamically using strings. PHP has prepared statements in its native class…
If you’re writing a WordPress plugin, you don’t want to write features that allow your users to be vulnerable to security bugs. The current_user_can function is a native WordPress security…
To avoid Cross-Site Request Forgery (CSRF) attacks, WordPress has two functions for plugin developers: wp_verify_nonce and check_ajax_referer. If you don’t use at least one of these functions, your plugin could…
The WordPress API has a huge learning curve, so you might miss authentication and authorization checks when you code your first plugin. This article will explain how an authentication failure…
The WordPress plugin All-In-One Sticky Floating Contact Form was found to have a vulnerability involving authorization bypasses. When you develop plugins for WordPress, it’s important to ensure that the user…
Every input sent in a server request should be inspected, sanitized, and validated before processing it in your code. WordPress plugins are great for adding features to your site for…
If you use any Sneeit WordPress themes or plugins, you should probably update them now. The Sneeit framework was found to have several vulnerabilities including remote code execution detailed in…
The CSV-to-SortTable WordPress plugin is a handy little tool for site owners, but its codebase shows that it was not built with hackers in mind. CSV-to-SortTable does not validate files…
Most applications need a database to store backend data, and Google Firebase is a great choice for serverless data management. It’s a cloud-based database hosted in Google Cloud, and it’s…
