March 10, 2023 — This session picks up from the last preventing common security vulnerabilities session (https://wordpress.tv/2023/03/03/lets-code-preventing-common-security-vulnerabilities/), and cover’s how to use nonces to prevent cross-site request forgery vulnerabilities
March 3, 2023 — In the “Using the WordPress REST API” tutorial you were introduced to the WordPress REST API, as well as the Backbone.js client to interact with it.
In this tutorial, we will look at how you can interact with the WP REST API further, but adding and deleting data.
March 3, 2023 — Earlier this year, we looked at the theory behind developing WordPress plugins and themes securely. We covered how to develop a security mindset, and the guiding principles of secure development, and looked at the five examples of these principles, Sanitizing Data, Validating Data, Escaping Data, Nonces, and User Roles and Capabilities.
In this session, we will look at how these principles are applied in real-world examples, by understanding common security vulnerabilities, how they can be exploited by would-be attackers, and what you can do to prevent them.
February 24, 2023 — WordPress 6.2 is scheduled to be released on March 28, 2023, with the first Release Candidate (RC) to be available to test on March 7, 2023.
Testing an upcoming release is a great way to make sure your themes and plugins will work with the newest release, while also making sure you keep up to date with upcoming features.
In this session, you’ll learn how to use the WordPress Beta Tester plugin to test a new WordPress release, and where to find information to test the new features. We’ll also cover how to log an issue in the WordPress release ticketing system, should you come across a bug.
February 18, 2023 — In this session, I answer any developer-focused questions folks have. What questions do you have about WordPress development? Is there something you don’t understand, a piece of code you’re struggling with, or a problem you’re trying to solve?
However, it also provides a more predictable and structured way to interact with your site’s content than using admin-ajax. In this session, you will learn how to use the WP REST API in place of using admin-ajax, in order to interact with existing WordPress data.
February 10, 2023 — The WordPress REST API is more than just a set of default routes. It is also a tool for creating custom routes and endpoints. In this session, you’ll learn how to create custom routes and endpoints, and test them using Postman.
February 3, 2023 — With WordPress now powering over 40% of the web, website owners need to think more about online security. Almost every week a new plugin vulnerability is found and patched, leading to concerns about the security of WordPress.
Fortunately for the new plugin developer, the WordPress developer handbook has an extensive section on Plugin Security. If followed, plugin vulnerabilities can be drastically reduced, and the entire ecosystem is protected.
This tutorial will introduce the new developer to the first 5 areas of plugin security, using easy-to-understand examples.
January 27, 2023 — In this session, we will continue to learn how to use the WP REST API and Backbone.js client by looking at how to make update requests, how to add or update custom fields on posts, and how to authenticate REST API requests when not logged into a WordPress site.
At the same time, we’ll review how to use the Postman API testing tool to test our WP REST API Requests