Why am I getting a 403 from check_admin_referer()?

In the JS script, include the nonce in data, as in the following example:

jQuery(document).ready(function($){
    data = {
        action: 'hello',
        token: $( '#token' ).val()
    }
    $('#stupid_form').submit(function(){
        $.post(ajaxurl, data, function(response){
            $('#response').html(response);
        });
        return false;
    });
});

Additional Note

<?php wp_nonce_field('hello', 'token'); ?>

generates a hidden input with a markup similar to:

<input type="hidden" id="token" name="token" value="d9e3867a0e" />

i.e. the nonce name becomes the name as well as id of the input.

That explains the token: $( '#token' ).val() in the code I provided, where the format is NONCE_NAME: $( '#NONCE_NAME' ).val().

However, you may also target the name like so: token: $( 'input[name="token"]' ).val()

Related Posts:

  1. How does nonce verification work?
  2. How to expire a nonce?
  3. Fatal error: Call to undefined function wp_create_nonce()
  4. How to add/retrieve the post trash link?
  5. Using nonce external of WP Admin
  6. Nonce best practices: hidden input vs. wp_localize_script?
  7. “The link you followed has expired” when previewing a post
  8. wp_verify_nonce keeps failing
  9. Handling nonce generation in AJAX registration process
  10. increase nonce lifespan
  11. wp_verify_nonce() via REST always returns false
  12. Nonce failing in IE
  13. my theme breaks WP export
  14. x-wp-nonce across domains
  15. wp_create_nonce doesn’t verify when using WP_List_Table
  16. Handling expired nonces
  17. What is really “wp_nonce_field” and how does it work? [duplicate]
  18. Cannot verify nonce
  19. wp_verify_nonce return false despite correct parameter passed
  20. WordPress JSON API nonces and Vue development server
  21. Verify a nonce in Form submission
  22. phpcs error in WordPress
  23. Stop WordPress nonces expiring
  24. Several nonces?
  25. Nonce for Trashing Item
  26. Nonce keeps failing
  27. Public posts – preventing duplicate form submissions
  28. How to obtain “wp_rest” nonce for WP Statistics plugin manually?
  29. WordPress “nonce” message
  30. CSP nonces with Cloudflare Workers
  31. Why are nonces working in Firefox but not in Chrome?
  32. wp_verfy_nonce keeps giving false
  33. Nonce – reissue with ajax poll
  34. wp_nonce_url generating invalid links
  35. How to insert wp_nonce field within echoed string
  36. Nonce check causing issues when creating new post
  37. Weird nonce validation problem
  38. Logout button in menu without “wp” in links
  39. Do I need a nonce field for every meta box I add to my custom post type admin?
  40. Can I use the same nonce for multiple requests on the same page?
  41. How to get a unique nonce for each Ajax request?
  42. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  43. How to use nonce with front end submission form?
  44. Extend WordPress (4.x) session and nonce
  45. Nonces and Cache
  46. AJAX nonce with check_ajax_referer()
  47. Verify nonce in REST API?
  48. What is nonce and how to use it with Ajax in WordPress? [duplicate]
  49. Do I require the use of nonce?
  50. Getting “The link you followed has expired” when adding custom post [closed]
  51. Handling nonces for actions from guests to logged-in users
  52. How to add WordPress nonces to ajax request
  53. Can I verify nonce which was generated on a different WP site?
  54. Headless WordPress: How to authenticate front end requests?
  55. Nonces and Ajax request to REST API and verification
  56. How to stop _wpnonce and _wp_http_referer from appearing in URL
  57. Undefined index: at_nonce in custom post metabox
  58. WP REST API: check if user is logged in
  59. wp_verify_nonce doesn’t return true on server when it matches the nonce
  60. Can’t GET draft posts via REST API from headless frontend
  61. Rest API invalid nonce with Backbone Client
  62. How to get the wpnonce value?
  63. Verify Nonce returns false – Request Nonce returns correct value
  64. WordPress REST API, Expired Nonce from Cache results in 403 forbidden
  65. wp-admin AJAX with Fetch API is done without user
  66. How do I check if AJAX nonces are implemented correctly?
  67. Nonce generated 0-12 hours ago
  68. Passing a borrowed nonce through Postman fails
  69. Identical wp_rest nonce returned from rest_api
  70. WP nonce invalid
  71. Maximum lifetime for nonce
  72. Use of check_admin_referer with theme options and options.php
  73. Passing nonce at admin menu link
  74. Encountering “Wrong nonce. Action prohibitied.” when trying to alter User Role and unable to Post via WP Admin
  75. Bypass nonce value while trashing a post
  76. My custom write panels won’t save data. What am I missing?
  77. wp_nonce_field displaying twice
  78. How to verify nonces in bulk?
  79. Why do Metabox use Nonces?
  80. The Correct Way to Use Nonce Field without Settings API
  81. How to check nonce lifetime value of plugins?
  82. Does this code indicate an exploit?
  83. Using nonce when loading posts with AJAX
  84. Log in user using WordPress REST API
  85. Should wordpress nonce be placed in html form or in javascript file
  86. Extend Nonce Lifetime for Specific Nonce Creation
  87. Change button link to add nonce
  88. How do I mitigate replay attacks when talking about actions that shouldn’t happen twice?
  89. How can I verify WordPress nonce from the following code?
  90. AJAX form not working, still reloads on submit
  91. Register rest field authentication with REST API
  92. check_admin_referer not working in custom meta box for custom post type
  93. wp_nonce for Front-End submission form not working
  94. wp_verify_nonce fails always
  95. Nonce fail after second submit attempt
  96. custom metabox nonce verification fails
  97. How to use nonces for frontend AJAX voting if the page gets cached?
  98. when saveing $meta_box i get Undefined index error
  99. Using Nonce for my Form
  100. Metabox nonce not allowing update
techhipbettruvabetnorabahisbahis forumueduseduseduseduseduseduedueduseduedu