Idea list

If you would like to contribute to Patchstack Academy, here are some TODO items that you can work on.

  • Privilege Escalation: wp_set_current_user exploit case
  • Broken Access Control: bypass nonce check if the nonce check is leaked to a non-privileged user
  • XSS: only allowing limited HTML on post content using wp_kses_post and wp_kses

Any other cases not mentioned here, along with adjustments and improvements, are welcome.