Last year in December we released once a day a vulnerability affecting WordPress core or one of the most popular WordPress plugins, next to a critical persistent XSS in
wordpress.org.
This blogpost will summarize common mistakes developers make and the overall impact our
advent calendar had on the WordPress community and the current state of WordPress
security.