Could your plugin be the cause of a WordPress site being hacked? WordPress security experts Mark Jaquith, Jon Cave, and Brad Williams will be performing live security reviews of submitted plugins on Saturday as well as providing tips on security best practices in plugin and theme development. Standard coding techniques and patterns to defend against attacks such as XSS, CSRF and SQLi will be taught by example. If that previous sentence makes no sense to you, you really need to attend this session!
Mark is a WordPress lead developer and a freelance WordPress security consultant, Jon is a core developer and member of the security team, and Brad is author of Professional WordPress Plugin Development and a security fanatic. Together they have helped numerous plugin and theme authors fix vulnerabilities in their products.
If you would like to have your plugin reviewed then submit it using the form. We are looking for plugins that are relatively short in length, approximately 400 lines of code or fewer, and will select a few to review together during the session.
Check out the slides for the Security Showdown.