Ajax Security regarding user priviliges and nonces
The note is about the use of is_admin() to determine if a user has privileges to do something, because in every other context except admin-ajax.php, that will only be true for a logged in user. You can still use the API to determine if a user is logged in and who they are, and as … Read more