The nonce, or number used once, is a security mechanism used in WordPress to prevent CSRF (Cross-Site Request Forgery) attacks.
The concept behind a nonce is to create a unique number associated with a specific action. This number is then sent along with the AJAX request and is subsequently verified by the server to ensure that the request was indeed sent from the intended source.
In this case, we are creating a nonce called “ajax-submit-form-nonce” and sending it along with the AJAX request for the contact form. The server will then verify that the sent nonce is valid before processing the request.
This is an effective method to prevent CSRF attacks, as it ensures that only requests from the intended source (the website) are processed by the server.
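The flow described above, as an added example in PHP (not code from the original page): the nonce is created and handed to the form script, then verified in the AJAX handler before anything else is processed. The script handle, the AJAX action `submit_contact_form`, the script object `contactFormAjax`, the script path and the POST field names are assumptions; only the nonce action string comes from the text.

```php
<?php
// Added example, not the page's own code. Assumed names: the handle
// 'contact-form', the AJAX action 'submit_contact_form', the JS object
// 'contactFormAjax', the script path and the POST fields 'nonce',
// 'name', 'email', 'message'. The nonce action string is the page's.

// 1. Create the nonce and expose it, with the AJAX URL, to the form script.
add_action( 'wp_enqueue_scripts', function () {
    wp_enqueue_script( 'contact-form', plugins_url( 'js/contact-form.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'contact-form', 'contactFormAjax', array(
        'url'   => admin_url( 'admin-ajax.php' ),
        'nonce' => wp_create_nonce( 'ajax-submit-form-nonce' ),
    ) );
} );

// 2. Register the same handler for logged-in and logged-out visitors.
add_action( 'wp_ajax_submit_contact_form', 'example_handle_contact_form' );
add_action( 'wp_ajax_nopriv_submit_contact_form', 'example_handle_contact_form' );

function example_handle_contact_form() {
    // Verify before touching any other input. With $stop = false the call
    // returns false on a missing or invalid nonce instead of dying, so the
    // handler can answer with a JSON error and a 403 status.
    if ( ! check_ajax_referer( 'ajax-submit-form-nonce', 'nonce', false ) ) {
        wp_send_json_error( array( 'message' => 'Invalid or expired nonce.' ), 403 );
    }

    // A valid nonce is not input validation, so sanitize every field.
    $name    = sanitize_text_field( wp_unslash( $_POST['name'] ?? '' ) );
    $email   = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
    $message = sanitize_textarea_field( wp_unslash( $_POST['message'] ?? '' ) );

    if ( '' === $name || ! is_email( $email ) || '' === $message ) {
        wp_send_json_error( array( 'message' => 'Missing or invalid fields.' ), 400 );
    }

    // wp_send_json_* ends the request, so nothing runs after either branch.
    $sent = wp_mail( get_option( 'admin_email' ), 'Contact form: ' . $name, $message, array( 'Reply-To: ' . $email ) );
    $sent ? wp_send_json_success() : wp_send_json_error( array( 'message' => 'Mail could not be sent.' ), 500 );
}
```

The form script must POST `action=submit_contact_form` and `nonce=contactFormAjax.nonce` together with the form fields. Despite the name, a WordPress nonce is not single-use: by default it stays valid for up to 24 hours and is tied to the user and session.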