Index: /controller/wpsg_AdminController.class.php
===================================================================
--- /controller/wpsg_AdminController.class.php	(revision 7535)
+++ /controller/wpsg_AdminController.class.php	(revision 7536)
@@ -267,10 +267,10 @@
 		 * Beim Speichern und Anzeigen der Shopdaten
 		 */
-		public function shopdataAction()
-		{
-
-			if (isset($_REQUEST['submit']))
-			{
-
+		public function shopdataAction() {
+
+			if (isset($_REQUEST['submit'])) {
+				
+				\check_admin_referer('wpsg-save-admin-shopdata');
+				
 			    $this->shop->update_option('wpsg_shopdata_name', $_REQUEST['wpsg_shopdata_name'], false, true, WPSG_SANITIZE_TEXTFIELD);
 			    $this->shop->update_option('wpsg_shopdata_owner', $_REQUEST['wpsg_shopdata_owner'], false, true, WPSG_SANITIZE_TEXTFIELD);
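Review bot: The added `\check_admin_referer('wpsg-save-admin-shopdata')` proves the request came from the shop's own form, but not that the current user may change shop data; no capability check is visible in this hunk. If the code that dispatches to shopdataAction() does not already enforce one, add it next to the nonce check, e.g. `if (!\current_user_can('manage_options')) { \wp_die(); }`, with the capability chosen to match the plugin's admin menu. The save branch is also still gated on `$_REQUEST['submit']`, so it runs for a GET request that carries the nonce in the URL; testing `$_POST['submit']` would limit the write to POST. The body of shopdataAction() continues past the end of the hunk.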
Index: /views/admin/shopdata.phtml
===================================================================
--- /views/admin/shopdata.phtml	(revision 7535)
+++ /views/admin/shopdata.phtml	(revision 7536)
@@ -20,5 +20,7 @@
 <div class="wpsg_admin_content form-horizontal">	
 	<form name="form1" method="post" enctype="multipart/form-data" action="<?php echo WPSG_URL_WP; ?>wp-admin/admin.php?page=wpsg-Admin&amp;subaction=<?php echo $_REQUEST['subaction']; ?>&amp;noheader=1">
-  
+		
+		<?php \wp_nonce_field('wpsg-save-admin-shopdata'); ?>
+		
   		<div class="panel panel-default">
   			<div class="panel-heading clearfix">
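Review bot: On the `<form>` line just above the new `\wp_nonce_field()` call, `$_REQUEST['subaction']` is echoed into the `action` attribute without escaping, so the page that now carries the nonce reflects request input into its HTML. Markup injected through that parameter would run in the same admin page as the `_wpnonce` field, which weakens the CSRF protection this commit adds. Encode the value for its context, e.g. `<?php echo \esc_attr(\rawurlencode(\wp_unslash($_REQUEST['subaction']))); ?>`. The form continues past the end of the hunk, so other echoed request values may need the same treatment.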
