Difficulty: Intermediate

Preventing a WordPress XSS Attack: Complete Guide to Validating, Sanitizing, and Escaping Data

sanitization kit against xss attack

When it comes to making your WordPress site secure as a developer, probably the most impactful thing you can do is make sure you always clean up data that your code receives from users. That means, generally, two things, validating or sanitizing it on the way into your system. And escaping it on the way out, reducing the chance of a WordPress XSS attack. WordPress Cross-site Scripting attacks are one of the most common ways people compromise sites. So today we’ll cover how they work.


WordPress Development for Beginners: “Does the User See It?”

Getting started with WordPress development can be disorienting. As I’ve written, software development (including WordPress development) is a lot like caving, and trying to do your first WordPress development project can be like waking up somewhere in the middle of a dark cave and trying to figure it out from there.