Day 34/45 — Gauri Kaushik

◯

Theory & Deliverables

Day 34 · Security Audit Practice

Audit plugin against OWASP Top 10 — WP-relevant items only

Check: every $wpdb query uses prepare() — grep for raw queries

Check: ALL output uses esc_html/esc_attr/esc_url — grep for bare echo $

🎯 Deliverable

Security audit doc committed — zero issues found or fixed

◆

Plugin Implementation Task

WP Enterprise Showcase

✨ Building since Day 1

Full security audit — line by line, document findings

Security checklist: (1) grep '$wpdb' — every query has prepare(), (2) grep 'echo $' — every output is escaped, (3) All REST write endpoints: nonce + capability, (4) All form submissions: check_admin_referer(), (5) No sensitive data in error messages. Write docs/security-audit.md.

📄 Files: docs/security-audit.md + any security fixes needed

⸻ feature/day-34-security-audit

Mark done after GitHub commit & push

●

Daily Non-Negotiables

All 6. Every day. No exceptions.

▶

Git Commit

Push before day ends

○

Exercise

30+ min movement

■

Book Reading

Before sleep

◆

AI Tool 30min

Claude

◯

Communication

Explain something aloud

★

Reflection

Written note below

▪

45-Day Progress Map

Click any day to review it

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45

P1: WP Core (1-10) P2: Git/CI (11-20) P3: Gutenberg (21-30) P4: VIP (31-38) P5: Interview (39-45)

★

Daily Self-Rating

Honest. No one sees this but you.

Technical Depth Can I explain what I built today?

0/5

Communication Did I explain clearly without rushing?

0/5

Interview Confidence How calm would I be in an interview right now?

0/5

Self-Discipline Did I stick to the plan?

0/5

Energy & Focus Was I genuinely present during study time?

0/5

■

Book Reading Log

Read before sleep. Summarise here.

◆

AI Tool — 30 Min Session

Today: Claude

○

End-of-Day Reflection

Honest. Specific. No excuses.

What confused me today? What would I explain differently? One win I'm underestimating: