From 5ac9be8b6471c0186c4ef87a28a04239b6b5e479 Mon Sep 17 00:00:00 2001
From: Erick Hitter <services@ethitter.com>
Date: Tue, 28 Feb 2017 18:23:57 -0800
Subject: [PATCH] Check nonce before doing anything

---
 includes/class-main.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/includes/class-main.php b/includes/class-main.php
index b9500e5..fa714e0 100644
--- a/includes/class-main.php
+++ b/includes/class-main.php
@@ -19,7 +19,8 @@ class Main {
 			return;
 		}
 
-		// TODO: nonce/referrer checks
+		// Validate request
+		check_admin_referer( 'bulk-posts' );
 
 		// Parse request to determine what to do
 		$vars = self::capture_vars();
-- 
GitLab