diff --git a/admin/admin-settings.php b/admin/admin-settings.php index 26f65976af1..a317a60ad29 100644 --- a/admin/admin-settings.php +++ b/admin/admin-settings.php @@ -544,6 +544,10 @@ $options_settings = apply_filters('woocommerce_options_settings', array( */ function woocommerce_update_options($options) { if(isset($_POST['submitted']) && $_POST['submitted'] == 'yes') { + + $nonce = $_REQUEST['_wpnonce']; + if (!wp_verify_nonce($nonce, 'woocommerce-settings') ) die( __('Action failed. Please refresh the page and retry.', 'woothemes') ); + foreach ($options as $value) { if (isset($value['id']) && $value['id']=='woocommerce_tax_rates') : @@ -645,7 +649,7 @@ function woocommerce_update_options($options) { do_action('woocommerce_update_options'); - echo '
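Review bot: The added check reads `$_REQUEST['_wpnonce']` without testing that the key exists, so a submission that carries no nonce raises an undefined-index notice before `wp_verify_nonce()` rejects it, and the request then ends through a bare `die()` instead of WordPress's own error path. Both added lines can be replaced by the core admin helper, `check_admin_referer( 'woocommerce-settings' );`, which looks up `_wpnonce` itself, verifies it and stops the request on failure. A nonce only protects against cross-site request forgery and is not an authorization check, so a `current_user_can()` test belongs next to it unless the caller already enforces one; that is not visible here, as the body of `woocommerce_update_options()` continues outside the hunk. The settings form also has to emit the matching field with `wp_nonce_field( 'woocommerce-settings' )`, which this diff does not show; without it every save will now fail.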
'.__('Your settings have been saved.', 'woothemes').'
'.__('Your settings have been saved.', 'woothemes').'