If you’re going to add the nonce field to an HTML string, you have to specify that you don’t want it echoed. That’s the fourth parameter; see https://core.trac.wordpress.org/browser/tags/3.3.1/wp-includes/functions.php#L1952
$formDisplay .= wp_nonce_field( 'contact-form', '_wpnonce', true, false );
Related Posts:
- Nonces can be reused multiple times? Bug / Security issue?
- What is the difference between esc_html and wp_filter_nohtml_kses?
- Nonce in settings API with tabbed navigation
- Escaping built-in WP function return strings
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- Confusion on WP Nonce usage in my Plugin
- Error : “Updating failed: The response is not a valid JSON response” with custom shortcode
- WordPress security issue to output data from user input from theme option form
- Secure Pages Best Practice
- Custom login doesn’t work properly
- Is it necessary to do validation again when retrieving data from database?
- Why would you use esc_attr() on internal functions?
- Using HTML links within translatable string
- Using password protection to load different page elements?
- How can we stop showing short code in create or edit post section
- How do I make two shortcode use the same id and increment it when I use them multiple times?
- Caption Shortcode: what filter to change the image size?
- Where to put my code: plugin or functions.php?
- Autoloading & Namespaces in WordPress Plugins & Themes: Can it Work?
- What process do you use for WordPress development? [closed]
- Why does WordPress use outdated jQuery v1.12.4?
- What is the advantage of using wp_mail?
- How would I create a plugin for my shortcodes?
- How to prevent newline from appearing in shortcode?
- Where do I start from
- Check for featured image in WP_Query
- Enqueue script only when shortcode is used, with WP Plugin Boilerplate
- Get file headers in custom file
- Shortcodes, output buffering, and WordPress functions
- Filter on the_content ignores shortcodes
- How to: get main plugin/theme file?
- add_theme_support using a plugin
- Get returned variable from a function to add_shortcode function
- Why is my shortcode not working
- What is the difference between these two methods of writing $ instead of jQuery in WordPress [closed]
- Plugin development: is adding empty index.php files necessary?
- Can’t get JS code to work with shortcode
- Coding a plugin on WordPress; when should I sanitize? [duplicate]
- Is there any way to have Featured Text, as opposed to Featured Image?
- Find source of notice / warning / errors efficiently
- Problem with is_active_sidebar?
- StackExchange clone using WordPress?
- Sharing common functionality (functions, template parts) between plugins and themes?
- Change template dynamically
- Gutenberg Block showing invalid content on edit
- Get Current Menu Location inside Nav_Walker
- Storing product price data in the database
- Maximum lifetime for nonce
- Verify if user is wordpress logged in from another app since wordpress 4.0
- Short code not working in boostrap modal dont no why?
- What is the proper way to include Bootstrap when executing a shortcode
- Is there a way to list all actions registered by a plugin or theme?
- Adding option to Gallery shortcode
- Passing nonce at admin menu link
- Elementor custom Query with ACF fields to show matching woocommerce products custom fields
- How developed with version control word press site on shared host? [closed]
- How to limit number of number of categories displayed by categories widget
- PowerPress mobile media player
- When is the proper time to minify css and js with git workflow?
- Redirect to another page using contact form 7? [closed]
- Plugin is not generating title tags on any pages or posts
- Update Data parameter of a wp_localize_script() call
- get_the_tags with separator control?
- Checking a WordPress for OWASP top 10 vulnerabilities [closed]
- Add child pages to submenu automatically
- Are there any security risks when submitting data-attribute data through AJAX?
- Why in this archive page that call query_posts() function show only the last 10 posts?
- The Correct Way to Use Nonce Field without Settings API
- Shortcode not appearing when used as post content in wp_insert_post() or possibly, shortcode not being registered at all
- How to find where an object first instantiatiation
- Full documentation about $args for register_rest_route?
- How to create ShortCode
- shortcode tags not working in do_shortcode
- Passing values between enclosing and enclosed shortcodes
- How to remove/replace current page template?
- WordPress dynamic widget by location?
- Adjust query on single
- post content and shortcode content displaying out of order
- WP_Query order posts by category
- WordPress Favicon not Working For Images/Videos/PDFs
- WPGut – Updating failed and shortcode?
- How to store sensitive user data (passwords)
- Is it possible to develop themes and plugins locally while still allowing content to be updated directly in the admin dashboard?
- Including content into an add_shortcode() function
- How can I measure CPU and RAM used by my theme or plugin
- set a custom post type to a taxonomy term programmatically in metabox
- Custom premium registration form and profile page for a WordPress Web Application
- How to destroy or dispose wordpress uploder/manager?
- Which filter to use to pre-parse form elements, which are generated by plugin’s shortcode?
- To remove rendering of menus and header, plugin or theme?
- To remove rendering of menus and header, plugin or theme?
- How can I add recent posts to menu like mashable
- Children Shortcodes?
- Wrapping shortcodes in another shortcode
- Display Data’s metabox in page
- Ajax functions – no access to wp-admin.php only online
- How can I make my website with wordpress having on-spot editing feature as compared to concrete5 CMS?
- Developing a wordpress.com shortcode [closed]
- How to create A – Z List with pictures?
- Developing an IP lookup function using an API