WP Nonce validation fails when signing up

  • I got an email from a client today that people are not able to sign up for her newsletter. I tried on the page, and clicking the submit button does not do anything.

    With further investigation, I was able to determine that the wp_die() function is being called in mailchimp.php at line 312, inside the check for the posted nonce value.

    Nothing has changed in the setup on the site. We are using the same code to generate the nonce that we have been for some time, but now it seems to be failing. Here is the code where we generate the nonce for the form:

    <form id="mc_signup_form" action="#mc_signup" method="post">
                <input type="hidden" value="js" name="mc_submit_type" id="mc_submit_type">
                <input type="hidden" value="mc_submit_signup_form" name="mcsf_action">
                <?php wp_nonce_field('mc_submit_signup_form', '_mc_submit_signup_form_nonce', false); ?>
                <div class="mc_form_inside">

    And here is the relevant section of mailchimp.php:

    case 'mc_submit_signup_form':
				// Validate nonce
				if (!wp_verify_nonce($_POST['_mc_submit_signup_form_nonce'], 'mc_submit_signup_form')) {
					wp_die('Cheatin&rsquo; huh?');
				}

    Any idea why this has started failing?

    https://www.ads-software.com/plugins/mailchimp/

Viewing 1 replies (of 1 total)

  • Hey chimericdream,

    Thanks for posting. Sorry about the delay in my response. Any chance you would be able to provide a link to the site with the form in question? I’d be happy to take a look and see if I can replicate and take a look at the issue from my end.

    Thanks!

    -tk

Viewing 1 replies (of 1 total)
  • The topic ‘WP Nonce validation fails when signing up’ is closed to new replies.