WordPress Plugin Security: Data Validation

Data validation in WordPress plugin concern with the pattern of data processed by the plugin. Data with certain context should match the pattern generally acceptable. For example: Phone number only contain numerical content Postal code data contain valid postal code for designated country Required fields must be filled before processing The process of validation should…

Read More »

WordPress Plugin Security: User Capabilities

One aspect of plugin security which we need to take notice when developing WordPress plugin is the user roles and their capabilities. WordPress can have many user and they can have specific roles with different capabilities. The basic roles in WordPress area: Super Admin Administrator Editor Author Contributor Subscriber Each of this roles have different…

Read More »