Automatically pwn the top 1000 WordPress plugins for fun, profit and school

This article is the first of many parts on a taint analysis tool I wrote for the PHP programming language. This part talks about how I use the tool to automatically look for vulnerabilities in the top 1000 WordPress plugins!
