Title: Cross-Site Request Forgery Last modified: August 22, 2016 --- # Cross-Site Request Forgery * Resolved [rdagger](https://wordpress.org/support/users/rdagger/) * (@rdagger) * [11 years, 5 months ago](https://wordpress.org/support/topic/cross-site-request-forgery/) * I looked at the code and I did not see any protection against CSRF attacks. I’m new to WP, but it appears to have several built-in nonce functions to address CSRF. I also noticed that you used sanitize_text_field() instead of sanitize_email() to strip the post email field (not sure if it makes a difference). Thanks for the great plugin. Simple is always better. * [https://wordpress.org/plugins/simple-basic-contact-form/](https://wordpress.org/plugins/simple-basic-contact-form/) Viewing 1 replies (of 1 total) * [Jeff Starr](https://wordpress.org/support/users/specialk/) * (@specialk) * [11 years, 3 months ago](https://wordpress.org/support/topic/cross-site-request-forgery/#post-5641962) * Thanks for the suggestion, will add nonce security for the coming update. Cheers 🙂 Viewing 1 replies (of 1 total) The topic ‘Cross-Site Request Forgery’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/simple-basic-contact-form_d8b8d8. svg) * [Simple Basic Contact Form](https://wordpress.org/plugins/simple-basic-contact-form/) * [Frequently Asked Questions](https://wordpress.org/plugins/simple-basic-contact-form/#faq) * [Support Threads](https://wordpress.org/support/plugin/simple-basic-contact-form/) * [Active Topics](https://wordpress.org/support/plugin/simple-basic-contact-form/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/simple-basic-contact-form/unresolved/) * [Reviews](https://wordpress.org/support/plugin/simple-basic-contact-form/reviews/) * 1 reply * 2 participants * Last reply from: [Jeff Starr](https://wordpress.org/support/users/specialk/) * Last activity: [11 years, 3 months ago](https://wordpress.org/support/topic/cross-site-request-forgery/#post-5641962) * Status: resolved