August 29, 2025
This topic will cover 5 basic tips for creating a secure WordPress plugin:

– CSRF protection using nonce
– XSS protection using esc_html function
– Sanitizing user input to prevent SQL injection
– Restrict unauthenticated users with current_user_can
– Data Validation
– Take immediate action when a vulnerability is reported in your plugin
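The coding tips above combined in one admin form and its handler, as an added example that is not code from the original post. The plugin, its demo_notes_* names, the option keys and the admin page slug are hypothetical, and $wpdb->prepare is used here as the SQL injection defence alongside sanitizing.

```php
<?php
// Hypothetical plugin code: every demo_notes_* name is an assumption for this example.
defined( 'ABSPATH' ) || exit; // Refuse direct requests to the plugin file.

// Form shown on an admin page; the nonce ties the submission to this user and action.
function demo_notes_render_form() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    $label = get_option( 'demo_notes_label', '' );
    echo '<form method="post" action="' . esc_url( admin_url( 'admin-post.php' ) ) . '">';
    echo '<input type="hidden" name="action" value="demo_notes_save">';
    wp_nonce_field( 'demo_notes_save', 'demo_notes_nonce' ); // CSRF token field.
    echo '<input type="text" name="label" value="' . esc_attr( $label ) . '">';
    echo '<input type="number" name="limit" min="1" max="100" value="10">';
    echo '<button type="submit">Save</button></form>';
    echo '<p>Current label: ' . esc_html( $label ) . '</p>'; // XSS: escape on output.
}

// admin_post_{action} fires only for logged-in users; no _nopriv_ hook is registered.
add_action( 'admin_post_demo_notes_save', 'demo_notes_handle_save' );

function demo_notes_handle_save() {
    // Authorization: being logged in is not enough, require the capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html( 'Not allowed.' ), '', array( 'response' => 403 ) );
    }
    // CSRF: dies if the nonce is missing, expired, or was issued for another action.
    check_admin_referer( 'demo_notes_save', 'demo_notes_nonce' );

    // Sanitize: undo WordPress's added slashes, then strip tags and line breaks.
    $label = isset( $_POST['label'] ) ? sanitize_text_field( wp_unslash( $_POST['label'] ) ) : '';
    $limit = isset( $_POST['limit'] ) ? absint( $_POST['limit'] ) : 0;

    // Validate: reject values outside what the feature accepts instead of coercing them.
    if ( '' === $label || strlen( $label ) > 80 || $limit < 1 || $limit > 100 ) {
        wp_die( esc_html( 'Invalid input.' ), '', array( 'response' => 400 ) );
    }

    // SQL: placeholders keep user data out of the query text.
    global $wpdb;
    $ids = $wpdb->get_col( $wpdb->prepare(
        "SELECT ID FROM {$wpdb->posts} WHERE post_title = %s LIMIT %d", $label, $limit
    ) );

    update_option( 'demo_notes_label', $label );
    update_option( 'demo_notes_matches', array_map( 'absint', $ids ) );
    wp_safe_redirect( admin_url( 'options-general.php?page=demo-notes' ) );
    exit;
}
```

The handler checks capability and nonce before it reads any request data, so a forged or unauthorized request never reaches the sanitizing, validation or database steps.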