This is very interesting: http://make.wordpress.org/plugins/2013/04/09/intentionally-vulnerable-plugin/ Can you spot potential security threats? (Don't look in the comment section before you actually read the code)