What are the common security flaws I need to look for? [closed]
Here is a modified checklist, based on my current (work-in-progress) settings/data security checklist used for reviewing Themes (the principles should be no different for Plugins than they are for Themes): Plugins should prefix all options, custom functions, custom variables, and custom constants with plugin-slug. Plugins should implement Plugin Options and Plugin Settings pages deliberately, rather … Read more