Title: [Plugin: Tabify edit screen] Security issue
Last modified: August 20, 2016

---

# [Plugin: Tabify edit screen] Security issue

 *  Resolved [Julio Potier](https://wordpress.org/support/users/juliobox/)
 * (@juliobox)
 * [14 years, 1 month ago](https://wordpress.org/support/topic/plugin-tabify-edit-screen-security-issue/)
 * Hello
 * A nonce token is missing in the settings; check “wp_nonce_field()” and “check_admin_referer()”
   in the WP Codex. This leads to a CSRF attack. Also, an XSS attack is possible because
   the title is not sanitized with “esc_attr()” and “esc_html()”.
 * BUT, if I close my eyes to this, this is a great idea! Nice work 🙂 Waiting
   for the next patch to use it 😉
 * See you !
 * [http://wordpress.org/extend/plugins/tabify-edit-screen/](http://wordpress.org/extend/plugins/tabify-edit-screen/)
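
The two fixes named in the first post, shown on a hypothetical settings page. This is an added example, not part of the thread and not Tabify Edit Screen's code; it assumes it is loaded as a WordPress plugin file, and every `example_*` / `EXAMPLE_*` name, the option key and the page slug are made up for illustration.

```php
<?php
// Added example: hypothetical settings page, not the plugin's own code.
// Assumes WordPress has loaded this file; all example_* names are invented.
const EXAMPLE_ACTION = 'example_tabs_save';
const EXAMPLE_OPTION = 'example_tab_title';

// Register the settings page for administrators only.
add_action( 'admin_menu', function () {
    add_options_page( 'Example Tabs', 'Example Tabs', 'manage_options', 'example-tabs', 'example_tabs_render' );
} );

// Render the form: emit a nonce, and escape the stored title for each output context.
function example_tabs_render() {
    $title = get_option( EXAMPLE_OPTION, '' );
    ?>
    <h2><?php echo esc_html( $title ); ?></h2>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="<?php echo esc_attr( EXAMPLE_ACTION ); ?>" />
        <?php wp_nonce_field( EXAMPLE_ACTION, 'example_nonce' ); ?>
        <input type="text" name="example_tab_title" value="<?php echo esc_attr( $title ); ?>" />
        <?php submit_button(); ?>
    </form>
    <?php
}

// Handle the POST: check capability and nonce before any state change.
function example_tabs_save() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Forbidden', '', array( 'response' => 403 ) );
    }
    // Stops the request if the nonce is missing or invalid, so a forged cross-site POST is rejected.
    check_admin_referer( EXAMPLE_ACTION, 'example_nonce' );

    $title = isset( $_POST['example_tab_title'] )
        ? sanitize_text_field( wp_unslash( $_POST['example_tab_title'] ) )
        : '';
    update_option( EXAMPLE_OPTION, $title );

    wp_safe_redirect( admin_url( 'options-general.php?page=example-tabs' ) );
    exit;
}
add_action( 'admin_post_' . EXAMPLE_ACTION, 'example_tabs_save' );
```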


 *  Plugin Author [Marko Heijnen](https://wordpress.org/support/users/markoheijnen/)
 * (@markoheijnen)
 * [14 years, 1 month ago](https://wordpress.org/support/topic/plugin-tabify-edit-screen-security-issue/#post-2664630)
 * Will fix that in the next release. Hopefully the end of this week.
 *  Plugin Author [Marko Heijnen](https://wordpress.org/support/users/markoheijnen/)
 * (@markoheijnen)
 * [14 years, 1 month ago](https://wordpress.org/support/topic/plugin-tabify-edit-screen-security-issue/#post-2664954)
 * I just released the new version. Please let me know what you think about the
   improvements made.
 *  Thread Starter [Julio Potier](https://wordpress.org/support/users/juliobox/)
 * (@juliobox)
 * [14 years, 1 month ago](https://wordpress.org/support/topic/plugin-tabify-edit-screen-security-issue/#post-2665026)
 * Hello, sorry for the delay, this is good Marko 🙂 Did I win a “thanks to Julio
   from BoiteAWeb.fr” in the changelog near the “security” line? 😉 Thanks in advance


 * 3 replies
 * 2 participants
 * Last reply from: [Julio Potier](https://wordpress.org/support/users/juliobox/)
 * Last activity: [14 years, 1 month ago](https://wordpress.org/support/topic/plugin-tabify-edit-screen-security-issue/#post-2665026)
 * Status: resolved