Opened 2 years ago

Closed 2 years ago

#1453 closed defect (fixed)

Additional nonce for Akismet actions

Reported by: josephscott
Owned by: matt
Priority: normal
Severity: normal
Plugin: akismet
Keywords:
Cc:

Description

Verify actions via nonce for removing comment author url.

Attachments (2)

akismet.diff (1.9 KB) - added by josephscott 2 years ago.
akismet.2.diff (2.0 KB) - added by josephscott 2 years ago.


Change History (6)

josephscott 2 years ago

comment:1 westi 2 years ago

It's more normal and better practice to use check_admin_referer( action, nonce_field_name ) instead of "manually" verifying the nonce. Also, this should be the first check that is made.

josephscott 2 years ago

comment:2 follow-up: josephscott 2 years ago

Updated diff to use check_admin_referer instead.

comment:3 in reply to: ↑ 2 westi 2 years ago

Replying to josephscott:

Updated diff to use check_admin_referer instead.

Looks perfect

comment:4 josephscott 2 years ago

  • Resolution set to fixed
  • Status changed from new to closed

In [487730]:

Add a nonce check to the comment author URL remove feature

Fixes #1453
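
The pattern recommended in comment:1, shown beside the "manual" form it replaces. This is an added example, not code from the attached diffs or from Akismet; the `example_*` names, the nonce action string and the `admin_post_` hook are hypothetical.

```php
<?php
// Added illustration. All example_* names and the nonce action string are
// hypothetical and are not taken from the Akismet source or the ticket's diffs.

// Rendered inside the admin form that submits the "remove URL" request:
// emits a hidden _wpnonce field bound to the action string and current user.
function example_remove_url_nonce_field() {
    wp_nonce_field( 'example_remove_author_url', '_wpnonce', false );
}

// "Manual" form: the nonce is verified by hand, and only after request
// data has already been read.
function example_remove_author_url_manual() {
    $comment_id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;
    $nonce      = isset( $_POST['_wpnonce'] ) ? $_POST['_wpnonce'] : '';
    if ( ! wp_verify_nonce( $nonce, 'example_remove_author_url' ) ) {
        wp_die( 'Invalid request.' );
    }
    example_clear_author_url( $comment_id );
}

// Form recommended in comment:1: check_admin_referer() is the first statement.
// It reads $_REQUEST['_wpnonce'] itself and dies on a missing or invalid nonce.
function example_remove_author_url_checked() {
    check_admin_referer( 'example_remove_author_url', '_wpnonce' );

    $comment_id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;
    example_clear_author_url( $comment_id );
}

// Shared worker. A nonce proves the request was intended by the logged-in
// user, not that the user may edit this comment, so the capability check stays.
function example_clear_author_url( $comment_id ) {
    if ( ! $comment_id || ! current_user_can( 'edit_comment', $comment_id ) ) {
        wp_die( 'Not allowed.' );
    }
    wp_update_comment( array(
        'comment_ID'         => $comment_id,
        'comment_author_url' => '',
    ) );
    wp_safe_redirect( admin_url( 'edit-comments.php' ) );
    exit;
}

// Only the checked handler is registered; the manual one is kept for contrast.
add_action( 'admin_post_example_remove_author_url', 'example_remove_author_url_checked' );
```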
