When using save_post you are usually add/updating user-inputted data from a metabox into the database. When do this you should check that your metabox’s nonce is valid.
You should also check permissions as save_post is triggered inside wp_insert_post(), and not just when the you create/edit a post admin side.
Related Posts:
- Allow member to have access to custom post type only. Permission to only edit their own posts
- With Rest V2 (WP4.7) how does one restrict certain RESTFUL verbs?
- Do I need a nonce field for every meta box I add to my custom post type admin?
- Getting “The link you followed has expired” when adding custom post [closed]
- Allow User to Edit Page Based on their Email
- Allow Author role to publish one post type and not another
- Undefined index: at_nonce in custom post metabox
- Custom Meta Boxes – Nonce Issue – Move to trash issue
- Registration and Custom Post Types – How to synchronize information?
- Confusion regarding Nonce & using it in Custom Columns for Saving Checkbox Value to Post Meta
- Roles for Custom Post Types
- Found 2 elements with non-unique id (#_ajax_nonce) and (#_wpnonce)
- read_post meta capability for anonymous users
- No Permission to add new Page, Post or CPT with Admin role
- Filtering results for post_type tells me I don’t have permission
- Forms and WordPress Nonce
- Fix permission error for deleting custom post from front-end?
- get_delete_post_link() only works for administrator, even if other user has exactly the same permissions
- Preventing role reading others posts
- Why “Mine” is the default view when adding ‘capability_type’ in register_post_type
- Front-end submitted post is published with admin ID as author
- How to create new permission for custom post types for doing specific tasks
- check_admin_referer not working in custom meta box for custom post type
- Remove Custom Capability
- How do test if a post is a custom post type?
- Where to put my code: plugin or functions.php?
- What does this PHP function code mean? [closed]
- Remove slug from custom post type post URLs
- How to disable the single view for a custom post type?
- Custom post types, taxonomies, and permalinks
- Query all posts where a meta key does not exist
- How to create a permalink structure with custom taxonomies and custom post types like base-name/parent-tax/child-tax/custom-post-type-name
- How to get all taxonomies of a post type?
- How to sort the admin area of a WordPress custom post type by a custom field
- How to create a custom search for custom post type?
- Deregister custom post types
- Can I assign a template to a custom post type?
- Permalinks: custom post type -> custom taxonomy -> post
- Should I use custom post types or a custom database tables for plugin development?
- Enable revisions for custom post type
- Extending the search context in the admin list post screen
- How do I query a custom post type with a custom taxonomy?
- Adding a Custom Post Type into the menu screen
- Pagination not working with custom loop
- How to Add Tags to Custom Post Type?
- How come Featured Image isn’t showing up in my Custom Post Type?
- Custom Post Type URL Rewriting?
- Add category base to url in custom post type/taxonomy
- Include custom taxonomy term in search
- Is It Possible To Add Custom Post Type Menu As Another Custom Post Type Sub Menu
- Adding ‘menu order’ column to custom post type admin screen
- Capabilities and Custom Post Types
- Can the Next/Prev Post links be ordered by menu order or by a meta key?
- what is the correct way to compare dates in a WP query_posts meta_query
- Use register_post_type() to modify an existing post type
- Custom Taxonomy specific to a Custom Post type
- Renaming Custom Post Types and Taxonomies
- List all posts in custom post type by taxonomy
- Redeclare/Change Slug of a Plugin’s Custom Post Type
- Mixing custom post type and taxonomy rewrite structures?
- Advanced search form with filters for custom taxonomies and custom fields
- Highlighting wp_nav_menu() Ancestor Class w/o Children in Nav Structure?
- Resolve a custom post type name vs. page permalink conflict (same slug)
- Get custom post_type’s archive URL
- Enable Gutenberg on custom post type
- Is there a way to get N number of WYSIWYG editors in a custom post type?
- Can multiple custom post types share a custom taxonomy?
- How to Add Custom Fields to a Custom Post Type?
- Hook for post and page load
- How to enqueue scripts on custom post add/edit pages?
- How to display value of custom fields in page
- Where are wordpress custom types stored?
- Using save_post to replace the post’s title
- Custom Post Type pages are “not found”
- Possible to hide Custom Post Type UI/Menu from specific User Roles?
- How do I safely change the name of a custom post type?
- Custom post type single page returns 404 error
- Change “Enter Title Here” help text on a custom post type
- Hide content box with Custom Post Type?
- Change the text on the Publish button
- WP REST API fetch posts from post type
- Remove taxonomy slug from a custom hierarchical taxonomy permalink
- Adding categories to custom post type in permalink
- Load a script just to custom post type in admin
- Display all posts in a custom post type, grouped by a custom taxonomy
- How do you use a CPT as the default home page?
- get_terms by custom post type
- single-{$post_type}-{slug}.php for custom post types
- How do you use orderby with meta_query in WordPress 3.1?
- Custom post type single-{custom}.php not working
- How to get custom post type post id from slug?
- Programmatically publish a post (custom post type) with custom fields
- How to Add a Sub Menu Page to a Custom Post Type?
- Prevent post from being published if custom fields not filled
- WP_Query Pagination on single-custom.php
- Remove Custom Taxonomy Metabox from Custom Post Type Screen
- Is it possible to remove WYSIWYG for a certain Custom Post Type?
- Multiple orderby values in WP_Query
- Placing a Custom Post Type Menu Above the Posts Menu Using menu_position?
- How do I get the permalink of a custom post type?