Fixing common security vulnerabilities

Open jonathanbossenger opened this issue 2 years ago • 1 comments

Details

  • Content type (Online Workshop, Lesson, Course, Tutorial, or Lesson Plan): Lesson
  • Content title: Fixing common security vulnerabilities
  • Topic description: A more "real world" example of fixing common vulnerabilities, covering SQL Injection, Cross Site Scripting, Cross-site Request Forgery, Broken Access Control, and Open Redirects
  • Audience (User, Developer, Designer, Contributor, etc.): Developer
  • Experience Level (Beginner, Intermediate, Advanced, Any): Beginner

Learning Objectives

  • Explain what SQL Injection is and provide possible steps to fix it
  • Explain what Cross Site Scripting is and provide possible steps to fix it
  • Explain what Cross-site Request Forgery is and provide possible steps to fix it
  • Explain what Broken Access Control is and provide possible steps to fix it
  • Explain what an Open Redirect is and provide possible steps to fix it.

Related Resources and Other Notes

  • https://learn.wordpress.org/tutorial/extending-wordpress-common-security-vulnerabilities/
  • https://developer.wordpress.org/apis/security/
  • https://developer.wordpress.org/apis/security/common-vulnerabilities/

Automation Code

jonathanbossenger, Oct 09 '23 14:10

https://github.com/WordPress/Learn/assets/180629/2f4d0102-2a99-43ca-b232-7a3d6823f5fe

Video ready for review

Please follow the Guidelines for reviewing content to review this lesson.

jonathanbossenger, Mar 28 '24 16:03

Tutorial/Lessons Review Checklist

  • [x] Learning outcomes/objectives are clear.
  • [x] Technical concepts introduced in the content are accurate.
  • [x] The speed of demonstrations is easy to follow.
  • [x] The narration audio matches what is shown visually.
  • [x] Spelling and grammar are correct.
  • [x] Sound quality is consistent throughout the video.
  • [ ] Brand Usage Guidelines and Promotional Guidelines are being followed.
  • [ ] Media assets are all in the public domain (CC0).

Super useful tutorial!

I noticed a little audio bug: at 2:26, the sound is cut, like a missing consonant.

ironnysh, Apr 12 '24 15:04

Thanks. The audio issue at 2:26 was due to a bad recording; it's not a huge train smash.

jonathanbossenger, Apr 26 '24 13:04