Cross-Site Request Forgery
-
I looked at the code and I did not see any protection against CSRF attacks. I’m new to WP, but it appears to have several built-in nonce functions to address CSRF. I also noticed that you used sanitize_text_field() instead of sanitize_email() to strip the post email field (not sure if it makes a difference).
Thanks for the great plugin. Simple is always better.https://www.ads-software.com/plugins/simple-basic-contact-form/
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Cross-Site Request Forgery’ is closed to new replies.
