THE PENDING DRAFT

Using Nonces to prevent Request Forgery

March 29, 2015

Put simply, CSRF is when bad guys try to trick users (usually someone with access to the WordPress dashboard) into doing something they didn’t intend to do.

This article on CSS-Tricks is the second in a series of articles about WordPress Frontend Security. In this one, Andy Adams explains CSRF (Cross-Site Request Forgery), what nonces are, how they are used in WordPress, and why it’s so important that you use them.

CSS-Tricks on WordPress Frontend Security – CSRF and Nonces
