The answer is that you should not check if wp_nonce_field() exists before using it!
The recommendation to perform the check assumes that you want to be compatible with versions of WordPress from before the function existed. If Rarst is right that it was introduced in 2.0.4 then you should NOT be supporting earlier versions, as they are all absolutely insecure and anyone using them needs to upgrade RIGHT NOW.
Usually you should not have to check for existence of functions from inside WP, unlike functions from plugins that might not be activated.
Where did you see that comment you quoted? It should be removed.
Related Posts:
- How to store username and password to API in wordpress option DB?
- In Which Contexts are Plugins Responsible for Data Validation/Sanitization?
- How to properly validate data from $_GET or $_REQUEST using WordPress functions?
- Nonces can be reused multiple times? Bug / Security issue?
- Can someone explain what wp_session_tokens are, and what are they used for?
- WordPress and PHP Sessions – Security and Performance
- What is the difference between esc_html and wp_filter_nohtml_kses?
- Nonce in settings API with tabbed navigation
- Log in from one wordpress website to another wordpress website
- Escaping built-in WP function return strings
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- WP Cron doesn’t save or in post body
- WordPress restrict plugin file direct access
- Plugin development: is adding empty index.php files necessary?
- Confusion on WP Nonce usage in my Plugin
- Coding a plugin on WordPress; when should I sanitize? [duplicate]
- Correct way check nonce (security) using old Options API
- Is there any way to check for user login and send him to login?
- WordPress security issue to output data from user input from theme option form
- Verify if user is wordpress logged in from another app since wordpress 4.0
- Secure Pages Best Practice
- Securing/Escaping Output of file content – reading via fread() in PHP
- best way to make a WordPresss multisite that is secure but at the same time supporting my plugin development efforts
- Video Security just like facebook [closed]
- Is disabling test_form in wp_handle_upload a security concern?
- How to connect my wordpress plugin to a remote database securely?
- wp_nonce_field displaying twice
- Is it necessary to do validation again when retrieving data from database?
- Checking a WordPress for OWASP top 10 vulnerabilities [closed]
- How do I have now a duplicated user entry if this is not allowed (and I cannot replicate it)?
- add_submenu_page hooked function must explicitly check user capabilities – why?
- Are there any security risks when submitting data-attribute data through AJAX?
- Why would you use esc_attr() on internal functions?
- Is it possible to use WP-CLI in a plugin (or theme)?
- Secruity Questions on a timer
- Using HTML links within translatable string
- How can I save a password securely as a settings field
- Using password protection to load different page elements?
- HTML Elements in my WP Plugin being generated in JS. Security and Translated Text Question about this method being used
- How to store sensitive user data (passwords)
- How do I make secure API calls from my WordPress plugin?
- esc_attr() on hard coded string
- how to add security questions on wp-registration page and validate it
- Experts opinions needed: How (in)secure is this approach?
- What is more secure checking capabilities of user or checking role of user in WordPress plugin development
- Data Validation, dynamically generated fields (select for example)
- esc_url, esc_url_raw or sanitize_url?
- How do I add CSS options to my plugin without using inline styles?
- How to override existing plugin action with new action
- Add custom TinyMCE 4 Button, Usable since WordPress 3.9-beta1
- How do I create links at the top of WP_List_table?
- Why Does get_posts() Return an Empty Set?
- Where to enqueue stylesheets for plugin?
- stray elements
- Deletion of shared options using uninstall.php
- Plugin Settings not Saving on Ajax re-ordered table
- Undefined function wp_set_password
- WordPress password reset – why post rp_key?
- How to modify the new WordPress 4.5 link inline toolbar
- Proper way to hook wp_get_attachment_url
- How to install WordPress Popular Posts plugin twice?
- Get the link text
- Multisite plugin development and wp_enqueue_script
- Prevent plugin from deleting important directories
- Finding the paragraphs in content
- When I deactive WooCommerce Plugin, I want to take a action in My plugin
- Hiding WordPress Plugin Source Code
- Create a custom display order in the main menu
- Override the default Add/Edit site forms of the Network Panel in custom plugin
- add more custom post types and custom role to the code
- Executing a function upon webhook calling wordpress
- A better way to include localized labels in WordPress plugins
- How a deprecated function can crash WordPress site while upgrading
- plugin settings – uploading multiple files with a single button
- Getting term_id for newly created or edited term
- How to insert text at the current cursor position in Gutenberg?
- Remove unwanted elements for a wp_nav_menu
- What is the proper method of using global $post?
- how to add stylesheet to particular plugin only?
- Difference between wp_salt schemes
- WordPress daily cron is executing more frequently than once a day
- How can I replace the search results displayed by WordPress?
- What is the best way to store a few fields?
- I18n not working in plugin
- Mixing l18n string from my plugin with WordPress’ translations
- Non editable custom taxonomy
- How to resize WordPress images on upload to specific height and width without cropping it
- Get section of input passed to the sanitize_callback
- Checking for existing title in custom db query not working
- Security of a WordPress Plugin
- How to know if current plugin is going to be used while rendering the page?
- Dynamically modify content added to table via javascript
- functions won’t fire after I converted my code from procedural code to OOP
- CPT UI and custom database table
- Updating a WP Plugin SVN not showing on WordPress Website or Zip
- Download stopped working in 4.7.4
- $wpdb Mysql trigger problem
- WordPress postboxes On Tabbed Views and Hiding Registered Pages
- Yet another wp_insert_post infinite loop. What is wrong?
- Is it smart to require_once wp-admin/includes/plugin.php when you need only one function from it