Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 9,227
Active installs: 50
Total reviews: 2
Average rating: 5
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 1 language(s)
Contributors: 2
Last updated: 9/12/2013 (4493 days ago)
Added to WordPress: 8/12/2012 (13 years old)
Minimum WordPress version: 3.1
Tested up to WordPress version: 3.6.1
Minimum PHP version: f

Maintenance & Compatibility

Maintenance score

Possibly abandoned • Last updated 4493 days ago • 2 reviews

22/100

Is Anti CSRF abandoned?

Possibly abandoned (last update 4493 days ago).

Compatibility

Requires WordPress: 3.1
Tested up to: 3.6.1
Requires PHP: f

Ratings

2
0
0
0
0See all reviews

Developers

Julio Potier (Owner)26Julio Potier8

Languages

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

No similar plugins found yet.
See more alternatives to Anti CSRF

Description

The CSRF vulnerability is the most famous web vulnerability, since … i do not remember, too long !

Many WordPress plugin (about 70%) from this repository or elsewhere, even Premim plugins are vunerable to this flaw.

To avoid get hacked because os this, just install this plugin, no settings, no tech. Just use your blog as usual.

! ONLY FOR BACK-END USAGE !

Installation

  1. Extract the plugin folder from the downloaded ZIP file.
  2. Upload BAW Anti CSRF folder to your /wp-content/plugins/ directory.
  3. Activate the plugin from the “Plugins” page in your Dashboard.
  4. That’s all

Frequently Asked Questions

Why do i have to link on your link when i’m on an update page ?

  • Because i’m using a buffer to modify each form and action link, but WordPress clear this buffer before me on this page 🙁 The link is just a Dashboard link.

Review feed

No reviews available

Screenshots

  1. On update page, clic MY link or die. ;)

    On update page, clic MY link or die. ;)

  2. Example of my own die with support proposal ;)

    Example of my own die with support proposal ;)

Changelog

1.5.2

  • 12 sep 2012
  • Little fix bug fro my code Improvment sight

1.5.1

  • 12 sep 2012
  • Little code Improvment

1.5

  • 04 sep 2012
  • Fix bug : wp_create_nonce undefined (hooked too soon)

1.4

  • 04 sep 2012
  • Add filter on admin_url() and network_admin_url() to add my nonce.

1.3

  • 03 sep 2012
  • 1.1 rollback, i have to keep the real nonces functions.

1.2

  • 11 sep 2012
  • Add more security using a message between a link without token, more annoying i admit, but more secure.

1.1.5

  • 16 aug 2012
  • Bug fix for Redirection (bad JS on my side x2)

1.1.4

  • 13 aug 2012
  • Bug fix for Jetpack (bad JS on my side)

1.1.3

  • 13 aug 2012
  • Bug fix for some link without my nonce

1.1.2

  • 13 aug 2012
  • Bug fix for l10n load

1.1.1

  • 13 aug 2012
  • Not a big deal, just forgot to add the plugin version in die support.

1.1

  • 12 aug 2012
  • Bug fix on redirection with wp_redirect()
  • Better own wp_die to explain and give support
  • Use my own nonces functions (clone from WP core) to avoid malicious plugins that can bypass mine

1.0.1

  • 12 aug 2012
  • Bug fix for default code ajax actions

1.0

  • 12 aug 2012
  • First Release

0.1b, 0.2b, 0.3b

  • 3 betas versions tested by @rochdaniel, @screenfeedfr, @gcroupie, @tmaquet, @geekpressfr, thanks dudes!
Back to plugins