Is the wp_login_form() function in WP secure enough?
I see there are no nonce fields.
I managed to add a nonce field, but I’m not sure whether WP will consider it or if it is just yet another field in the form.
Is it secure enough or should I proceed further with custom coding?