WordPress Plugin Developers Need to Make Sure There Nonce Checks Both Work if a Nonce Isn’t Sent or if the Nonce is Wrong
Yesterday, we released the results of a security review we did of a WordPress plugin. What we found while reviewing the changes made to address the problems we had found is a good reminder that security fixes need to be Continue reading WordPress Plugin Developers Need to Make Sure There Nonce Checks Both Work if a Nonce Isn’t Sent or if the Nonce is Wrong