WordPress.org

WordPress Nonces

Nonces are used as a security related protection to prevent attacks and mistakes.

WordPress has implemented nonces in the most recent versions. The WordPress Plugin API provides functions, actions and filters for handling nonces.

For more information on how WordPress uses Nonces and Nonces in general, see:

• Mark Jaquith - WordPress Nonces
• Vladimir Prelovac - Using Nonces in WordPress Plugins

Nonce Related Functions

The following are nonce related functions found in the Function Reference:

• wp_nonce_field
• wp_nonce_url
• wp_verify_nonce
• wp_create_nonce
• check_admin_referer

Nonce Related Codex Topics

• Creating Options Pages
• Plugin API/Filter Reference
• Plugin API/Action Reference

Security Resources on Nonces

• Cross-site request forgery article on WikiPedia

• Home Page
• WordPress Lessons
• Getting Started
• Working with WordPress
• Design and Layout
• Advanced Topics
• Troubleshooting
• Developer Docs
• About WordPress

Codex Resources

• Community portal
• Current events
• Recent changes
• Random page
• Help