Have you ever renamed a PHP file in your WordPress installation appending a .bak or .old or something like that to the end of the filename? If your answer is yes, you may be exposing your site to a severe security risk.
Altering the name of a .php file as described above means your server is not going to process the file as a PHP file anymore, the server will allow a visitor to download or open the file as a plain text file. Therefore someone trying to find vulnerabilities in your site would be able to read the contents of your renamed PHP files.
If the renamed file doesn’t contain any sensitive data, it’s just code, maybe it’s not something to worry about, but if you did that to an important file of your WordPress, as the wp-config.php file, you’re allowing a potential attacker to know very sensitive data. And yeah, that’s something to be really worried about!
When talking about WordPress, cURL is a PHP library that helps WordPress to communicate with other sites. Being a PHP library mean that if you’re using an obsolete PHP version (anything older than PHP 8.1) you’re for sure also using an obsolete cURL version.
Según tengo entendido este congreso está orientado principalmente a profesionales del marketing, por lo que doy por hecho que el nivel técnico de los asistentes no es muy alto, así que el taller irá orientado a dicho perfil de usuario, tratando que la gente que no tiene grandes conocimientos técnicos sea capaz de entender la importancia de la seguridad en WordPress y como sentar las bases para tener un WordPress protegido ante los ataques más habituales.