Filter by tag: apav

Learnings from WordPress Security Month

9 min read 15 Jan 2019 by Simon Scannell
Last year in December we released once a day a vulnerability affecting WordPress core or one of the most popular WordPress plugins, next to a critical persistent XSS in wordpress.org. This blogpost will summarize common mistakes developers make and the overall impact our advent calendar had on the WordPress community and the current state of WordPress security.

PHP Security Advent Calendar 2018

1 min read 27 Nov 2018 by Johannes Dahse
The holiday season is coming up again and it’s time for some security fun. For the third time in a row, we are proud to announce our PHP security advent calendar. This year, we will analyze 24 exciting security bugs that we detected in the most widespread WordPress plugins.

PHP Security Advent Calendar 2017 Wrap-Up

6 min read 4 Jan 2018 by Felix Knischewski
In this year’s PHP Security Advent Calendar we published 24 challenges for the PHP community where security issues were hidden in code snippets for fun and training. The challenges are based on real-world security vulnerabilities that we found with the help of RIPS over the last year in popular PHP applications. Learn more about the main take-aways regarding PHP security.

PHP Security Advent Calendar 2017

1 min read 30 Nov 2017 by Johannes Dahse
We are happy to announce this year’s PHP security advent calendar where we will release a new calendar gift from December 1st to 24th. This year, we will focus on nifty PHP pitfalls and release a daily code challenge for you to solve. Can you spot the daily security bug?

What we learned from our Advent Calendar

8 min read 24 Dec 2016 by Johannes Dahse
In our final advent calendar post, we summarize what we learned during this thrilling advent time. We reveal how the affected vendors reacted to our reportings behind the scenes. Was it right to publish all these sensitive issues? What conclusions can we draw about the security state of PHP applications from our findings?