I updated to 2.8.1, and the nonce check on line 48 of wp-members/wp-members-register.php broke my site:
check_admin_referer( ‘wpmem-register’ );
This was being called by registrations invoked by the shortcode:
This was on an ordinary page (of course!). But when visitors tried to register using it, they ended up having check_admin_referer called, and that check of course failed; see the comment upon check_admin_referer in wp-includes/pluggable.php:
* Makes sure that a user was referred from another admin page
- The topic ‘New nonce checks broke my site (2.8.1)’ is closed to new replies.