Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
nonce functions
#1
Most (if not all) plugins that have a backend do not make use of GS get_nonce, check_nonce... functions.
Should they?
Does this make GS+plugins less safe?
Reply
#2
I think it would be harder to target a csrf attack on a plugin.
You really have to know your victim has a high probability of having it installed
NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix
Reply




Users browsing this thread: 1 Guest(s)