The WordPress Security White Paper
The WordPress Security White Paper is available directly on the WordPress.org site on WordPress.org/about/security. The HTML and PDF versions are available here at WordPress's GitHub repository for any updates and/or additions. If you notice any typos or would like to suggest any changes, please contribute a pull request.
Thank you to all who contributed to the initial release and compilation of the white paper: Barry Abrahamson, Michael Adams, Jon Cave, Helen Hou-Sandí, Dion Hulse, Mo Jangda, and Paul Maiorana.
The text in the white paper (not including the WordPress logo or trademark) is licensed under CC0 1.0 Universal (CC0 1.0) Public Domain Dedication. You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission.
We’d really love to encourage and help share translations of the white paper to the global WordPress community. If you have a translation to contribute, please add it to the WordPress GitHub repo so others can benefit, too. Pull requests welcome!
To translate the white paper, please create a sub-directory of the project under Working Translations, giving it the correct ISO639 code (for example, pt for Portuguese), and submit a pull request. Once the translation has reached a release / first full translation, we'll move it to its own subdirectory at the top level, and subsequent updates will happen in that location.
New to GitHub? Community member Japh created this screencast video to show you how to get started with translating the white paper.