Keeping your WordPress theme or plugin code secure is important to prevent possible attacks from malicious users.
We’ve previously covered how to sanitize, escape and validate form data in WordPress, as well as how to improve your WordPress theme quality with the VIP Scanner.
Today we’ll look at how nonces (number used once) can also help keep your WordPress themes and plugins secure.
What are WordPress Nonces?
WordPress nonces are defined as:
… a “number used once” to help protect URLs and forms from certain types of misuse, malicious or otherwise.
https://codex.wordpress.org/WordPress_Nonces
Whilst in WordPress a nonce isn’t technically a number (it’s a hash made up of letters and numbers), it does help prevent actions from being run by malicious users.
WordPress nonces work in two parts: