diff --git a/wp-admin/categories.php b/wp-admin/categories.php
index 41c047427..4cec8a508 100644
--- a/wp-admin/categories.php
+++ b/wp-admin/categories.php
@@ -62,6 +62,8 @@ case 'Delete':
 $standalone = 1;
 require_once('admin-header.php');
+ check_admin_referer();
+
 $cat_ID = intval($_GET["cat_ID"]);
 $cat_name = get_catname($cat_ID);
 $cat_name = addslashes($cat_name);
diff --git a/wp-admin/post.php b/wp-admin/post.php
index 3526fed7b..e38e3ab02 100644
--- a/wp-admin/post.php
+++ b/wp-admin/post.php
@@ -429,6 +429,8 @@ case 'delete':
 $standalone = 1;
 require_once('./admin-header.php');
+ check_admin_referer();
+
 if ($user_level == 0) die ('Cheatin’ uh?');
@@ -527,6 +529,8 @@ case 'deletecomment':
 $standalone = 1;
 require_once('./admin-header.php');
+check_admin_referer();
+
 if ($user_level == 0) die (__('Cheatin’ uh?'));
@@ -562,6 +566,8 @@ case 'unapprovecomment':
 $standalone = 1;
 require_once('./admin-header.php');
+check_admin_referer();
+
 if ($user_level == 0) die (__('Cheatin’ uh?'));
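Review bot: The new `check_admin_referer()` call in the categories.php `Delete` case guards a destructive action that is driven purely by a GET parameter (`$_GET["cat_ID"]` two lines below), so how much CSRF protection it gives depends entirely on what the helper verifies, which is not visible here. If, as its name suggests, it only inspects the HTTP Referer, two caveats apply: a Referer is routinely stripped by proxies and privacy settings, so an absent header must be treated as a failure rather than a pass, and a substring match on the admin path is defeated by any link an admin clicks from inside wp-admin. The durable fix is a per-request secret token carried in the delete link and compared server-side with `hash_equals()`-style constant-time comparison, ideally covering the action name and `$cat_ID` so one token cannot be replayed against a different category. No capability check is visible in this hunk; if the user level is not tested before the `switch`, confirm that admin-header.php alone is enough to keep ordinary users out. The `case 'Delete':` body continues outside the hunk.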
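Review bot: In the post.php `delete` case the referer check is placed before the `$user_level == 0` test, which is the right order, but the same two-line insertion is repeated verbatim in four separate `case` bodies, and any other state-changing case in this `switch` that is not in the diff (not visible from here) stays unprotected. Hoisting a single `check_admin_referer();` to just before the `switch` for every non-read-only action would cover all of them and make it impossible to forget the call when a new case is added. As written, the `$user_level == 0` test only establishes that the caller is logged in, so the referer check is the sole barrier between any authenticated user and deleting any post unless an ownership test follows further down the case; that part is outside the hunk.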
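Review bot: For the `deletecomment` case a Referer-only check, if that is what `check_admin_referer()` does (its implementation is not in this diff), is particularly weak: comments are attacker-supplied content that is rendered inside wp-admin, so a comment body containing a link to `post.php?action=deletecomment&comment=N` will, when an administrator clicks it from the comments screen, arrive with a wp-admin Referer and pass the check. Only a secret token tied to the action and the comment ID, verified before any database write, closes that path; the Referer check can stay as defence in depth. The `$user_level == 0` guard below does not tie the comment to a post the caller may edit, so if no such test follows outside the hunk, any logged-in user with a valid token could still delete arbitrary comments.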