wp_create_nonce does not secure you against CSRF or XSRF

What is wp_create_nonce and what is it for? wp_create_nonce is a function for theme and plugin developers using WordPress. The majority of developers understandably believe this secures their forms from cross-site request forgery; unfortunately, it doesn’t. WordPress is great at making functions for developers that any reasonable person would believe have security built in. When […]