A WordPress plugin designed for educational purposes, demonstrating techniques used in plugin-based persistence and evasion, to aid in security research and training.
Updated Apr 25, 2025 - PHP
This tool scans WordPress sites for vulnerabilities in the "RegistrationMagic" plugin (CVE-2024-10508). It checks for the presence of a specific version (`6.0.2.6`) and marks the site as vulnerable if found. The results are saved in a file (`vuln.txt`) for further analysis.
WASM (sandboxed) security canary for fledge — proves the Wasmtime sandbox blocks every attack the native canary exposes
Native (unsandboxed) security canary for fledge — probes what an untrusted plugin can access with full user permissions
Professional Agent Skill for building, auditing, testing, and releasing modern WordPress plugins with Codex, Cursor, and Claude Code.