|
|
|
|
|
|
by jakejake
5163 days ago
|
|
|
I haven't seen their patch yet. I'd be surprised to see a nonce, my guess is they just call the standard Wordpress function to require auth. There's surely a better way to do it without accepting code via the query string. Keep the code on the server and have that function only refer to an index or something perhaps? |
|
|