Skip to content

tanveeratlogicx/VAPTSecurity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
assets
assets
 
 
bin
bin
 
 
includes
includes
 
 
templates
templates
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
ARCHITECTURE.md
ARCHITECTURE.md
 
 
CHANGELOG.md
CHANGELOG.md
 
 
DOCUMENTATION.md
DOCUMENTATION.md
 
 
FEATURES.md
FEATURES.md
 
 
Folder Structure.md
Folder Structure.md
 
 
Gemini CLI - Analysis.md
Gemini CLI - Analysis.md
 
 
LICENSE
LICENSE
 
 
PLAN.md
PLAN.md
 
 
README.md
README.md
 
 
README.txt
README.txt
 
 
SUPERADMIN_GUIDE.md
SUPERADMIN_GUIDE.md
 
 
USER_GUIDE.md
USER_GUIDE.md
 
 
VERSION_CONTROL.md
VERSION_CONTROL.md
 
 
composer.json
composer.json
 
 
index.php
index.php
 
 
package.json
package.json
 
 
prompt.txt
prompt.txt
 
 
reset-option.php
reset-option.php
 
 
test-config.php
test-config.php
 
 
test-integrations-mock.php
test-integrations-mock.php
 
 
test-vapt-features.php
test-vapt-features.php
 
 
test_concurrency.php
test_concurrency.php
 
 
test_cron_limit.php
test_cron_limit.php
 
 
test_diagnostics.php
test_diagnostics.php
 
 
test_diagnostics_standalone.php
test_diagnostics_standalone.php
 
 
test_rate_limiter_full.php
test_rate_limiter_full.php
 
 
uninstall.php
uninstall.php
 
 
vapt-config-sample.php
vapt-config-sample.php
 
 
vapt-config.php
vapt-config.php
 
 
vapt-security.php
vapt-security.php
 
 
write_test.txt
write_test.txt
 
 

Repository files navigation

VAPT Security

This is a WordPress Plugin created for Gargash Group - Gargash Equipment Solutions https://gargashequipmentsolutions.com

Create a WordPress Plugin, to fix the VAPT issues especially the one's being listed below:

  1. DOS Attack via wp-cron.php,
  2. Lack of Input Validation and
  3. Rate Limiting on Form Submission

While actually implementing the plugin, please ensure that it follows best practices for security and performance optimization, besides taking into account the following Recommendations:

  1. Restrict access to wp-cron.php by implementing rate limiting or server-level access rules. Consider disabling WP-Cron and configuring a system-level cron job instead. Ensure plugins using scheduled tasks are secured and do not expose sensitive operations.
  2. Implement strict server-side input validation and sanitization for all user-controlled fields. Enforce allow lists, expected formats, and length restrictions. Use established validation libraries and ensure that validation logic cannot be bypassed.
  3. Implement server-side rate limiting, CAPTCHA, or request throttling for all form endpoints. Monitor abnormal submission patterns and block IPs exhibiting suspicious activity. Ensure form processing logic gracefully handles high-volume traffic.

Outdated and Vulnerable WordPress Plugins

Recommendation: Review all installed WordPress plugins and ensure each is updated to the latest stable version. Remove unused or unmaintained plugins immediately. Enable automatic updates and periodically audit plugin integrity and version history.

Special Access URL wp-admin/admin.php?page=vapt-security

About

No description, website, or topics provided.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 5

Enhanced Rate Limit Diagnostics & Reliability Hardening Latest
Dec 27, 2025
+ 4 releases

Packages

 
 
 

Contributors

Languages