how to secure the visual form builder from CSRF attacks? | WordPress.org

Resolved giblartar
(@giblartar)

10 years, 2 months ago

How to secure the visual form builder from CSRF attacks?
because the test results with Acunetix web vurnelability scanner, visual form bulder potentially exposed to attack scrf.

thanks

https://wordpress.org/plugins/visual-form-builder/

Viewing 1 replies (of 1 total)

Plugin Author Matthew Muro
(@mmuro)

10 years, 2 months ago

VFB protects against CSRF attacks by checking the referer.

A more secure method would be to use $_SESSION, but not every server handles those the same so it’s a bit of a developer sand trap.

Viewing 1 replies (of 1 total)

The topic ‘how to secure the visual form builder from CSRF attacks?’ is closed to new replies.

In: Plugins
1 reply
2 participants
Last reply from: Matthew Muro
Last activity: 10 years, 2 months ago
Status: resolved