WordPress security – xss csrf base64 and sql injection protection