diff --git a/source/administrator/components/com_jedchecker/controllers/uploads.php b/source/administrator/components/com_jedchecker/controllers/uploads.php
index dc9c9c2..31191cb 100644
--- a/source/administrator/components/com_jedchecker/controllers/uploads.php
+++ b/source/administrator/components/com_jedchecker/controllers/uploads.php
@@ -28,6 +28,7 @@ class jedcheckerControllerUploads extends JController
      */
     public function upload()
     {
+        JRequest::checkToken() or die( 'Invalid Token' );
         $appl = JFactory::getApplication();
         $file = JRequest::getVar('extension', '', 'files', 'array');
         if ($file['tmp_name']) {
@@ -71,6 +72,7 @@ class jedcheckerControllerUploads extends JController
      */
     public function unzip()
     {
+        JRequest::checkToken() or die( 'Invalid Token' );
         $appl = JFactory::getApplication();
         // if folder doesn't exist - create it!
         if(!JFolder::exists($this->pathUnzipped)) {