Alex Thomas

WordPress Security Research: A Beginner’s Guide

Join us for a foundational series and unpack the essentials of WordPress vulnerability discovery. We’ll take a first-principles approach and offer a taste of what vulnerability research is, why WordPress is an ideal starting point for beginners, and how you can get involved.

Alex provides a detailed look at the request and response architecture of WordPress and how action and filter hooks create opportunities for vulnerabilities. Follow along as Alex demonstrates how to exploit a real-world vulnerability and abuse missing authorization in a hooked function.
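As an added illustration of the "missing authorization in a hooked function" pattern mentioned above (this is not code from the talk or from any real plugin; the plugin prefix, option name and action names are hypothetical), here is a vulnerable AJAX hook callback next to a hardened one:

```php
<?php
// Added example, not from the original page. "myplugin_*" names are hypothetical.
// Both callbacks do the same privileged thing: write a plugin option.

// VULNERABLE PATTERN. The callback is reachable by any unauthenticated visitor
// through admin-ajax.php (the wp_ajax_nopriv_* hook) and it never asks who is
// calling or whether the request was intended, so anyone can change the option.
function myplugin_save_vulnerable() {
    $value = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );
    update_option( 'myplugin_setting', $value );
    wp_send_json_success();
}
add_action( 'wp_ajax_nopriv_myplugin_save_vulnerable', 'myplugin_save_vulnerable' );
add_action( 'wp_ajax_myplugin_save_vulnerable', 'myplugin_save_vulnerable' );

// HARDENED PATTERN. Register only the logged-in variant of the hook, verify a
// nonce (intent / CSRF) and then a capability (authorization) before writing.
function myplugin_save_secure() {
    // Dies with a 403-style response if the nonce is missing or invalid.
    check_ajax_referer( 'myplugin_save', 'nonce' );

    // Nonces prove intent, not privilege: still check the capability.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    $value = sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) );
    update_option( 'myplugin_setting', $value );
    wp_send_json_success();
}
add_action( 'wp_ajax_myplugin_save', 'myplugin_save_secure' );

// Review checklist for every add_action()/add_filter() callback in a plugin:
//  1. Which hook fires it, and can an unauthenticated user reach that hook
//     (wp_ajax_nopriv_*, init, admin_init, template_redirect, REST routes)?
//  2. Does the callback check a capability with current_user_can() before
//     any state-changing or data-returning operation?
//  3. Does it verify a nonce (check_ajax_referer / wp_verify_nonce) for
//     state changes, and are inputs sanitized and outputs escaped?
```

The nonce check alone is not an authorization control; the capability check is what prevents a low-privilege logged-in user from reaching the privileged operation.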

What You’ll Learn

  • What vulnerability research is and why it’s important
  • How to conduct vulnerability research, including defining scope, information gathering, static and dynamic analysis, debugging, and responsible disclosure
  • The basics of WordPress request architecture and hooks, including actions and filters
  • The methodology for analyzing WordPress plugins and themes for vulnerabilities
  • Key routes, hooks, and examples of potential vulnerabilities in WordPress
  • How to set up a vulnerability research environment using tools like Docker, Xdebug, Visual Studio Code, Adminer, MailCatcher, WP-CLI (the WordPress command-line interface), and Burp Suite
  • Additional resources for further learning, including the Wordfence blog, further reading on vulnerabilities, and joining the Wordfence Discord for discussions and technical support