This article, titled "Writing Secure WordPress Plugins (part 1)", was originally written by David Kierznowski from Operation n.
Table of Contents
Introduction
attribute_escape
wp_nonce
Summary
References
Introduction
WordPress has become one of the most popular blogging packages on the Internet; this is largely due to its ease of use and its object-oriented design, which allows the user to easily extend its capabilities [...]
See updated post: 1000 Blog Vulnerability Assessment
BlogSecurity incrementally harvested the WordPress software version from 50 blogs; the results were frightening to say the least.
The following statement was taken from WordPress: "None of these [WordPress Versions] are safe to use, except the latest in the 2.0 or 2.1 series, which are both actively maintained."
Currently (at the [...]