Adding CSRF check?
-
I just got a notice that my plugin “does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.”
This is on admin pages that use CMB2 to display and process settings. Do you have any advice about hot to add CSRF checks for CMB2? Thanks!
Are others experiencing this vulnerability?
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
- The topic ‘Adding CSRF check?’ is closed to new replies.