24 May

Tip For Security Researchers: wp_insert_post() and wp_update_post() Sanitize the Submitted Input

From reviewing lots of vulnerability reports one of our big takeaways is that the proper testing of suspected vulnerabilities often isn’t being done by security researchers. Without doing that you miss an easy to chance to catch things happening that nullify potential vulnerabilities in part or sometimes in full.

[Read more]