diff --git a/admin_menu.inc b/admin_menu.inc
index b34d2d4..dfde931 100644
--- a/admin_menu.inc
+++ b/admin_menu.inc
@@ -471,7 +471,7 @@ function admin_menu_links_icon() {
 '#access' => user_access('flush caches'),
 '#href' => 'admin_menu/flush-cache',
 '#options' => array(
- 'query' => $destination,
+ 'query' => $destination + array('token' => drupal_get_token('admin_menu/flush-cache')),
 ),
 );
 $caches = array(
@@ -487,7 +487,7 @@ function admin_menu_links_icon() {
 '#title' => $title,
 '#href' => 'admin_menu/flush-cache/' . $arg,
 '#options' => array(
- 'query' => $destination,
+ 'query' => $destination + array('token' => drupal_get_token('admin_menu/flush-cache/' . $arg)),
 ),
 );
 }
@@ -499,7 +499,7 @@ function admin_menu_links_icon() {
 '#access' => user_access('administer site configuration'),
 '#href' => 'admin_menu/toggle-modules',
 '#options' => array(
- 'query' => $destination,
+ 'query' => $destination + array('token' => drupal_get_token('admin_menu/toggle-modules')),
 ),
 );
@@ -682,6 +682,10 @@ function _admin_menu_form_devel_admin_settings_alter(&$form, $form_state) {
 * This can save up to 150ms on each uncached page request.
 */
 function admin_menu_toggle_modules() {
+ if (!isset($_GET['token']) || !drupal_valid_token($_GET['token'], current_path())) {
+ return MENU_ACCESS_DENIED;
+ }
+
 $rebuild = FALSE;
 $saved_state = variable_get('admin_menu_devel_modules_enabled', NULL);
 if (isset($saved_state)) {
@@ -763,6 +767,10 @@ function _admin_menu_developer_modules() {
 * (optional) Name of cache to flush.
 */
 function admin_menu_flush_cache($name = NULL) {
+ if (!isset($_GET['token']) || !drupal_valid_token($_GET['token'], current_path())) {
+ return MENU_ACCESS_DENIED;
+ }
+
 switch ($name) {
 case 'admin_menu':
 admin_menu_flush_caches();
diff --git a/admin_menu.module b/admin_menu.module
index 6fa85f2..1cc75cb 100644
--- a/admin_menu.module
+++ b/admin_menu.module
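Review bot: The token added at `+ 'query' => $destination + array('token' => drupal_get_token('admin_menu/flush-cache'))` has no comment saying why it is there, and the same pattern repeats without one in the next two hunks (`'admin_menu/flush-cache/' . $arg` and `'admin_menu/toggle-modules'`). Because drupal_get_token() is bound to the current session, these rendered links are only valid for the session that built them, so any cache of this output must be keyed per session rather than per user; the cid change in admin_menu.module appears to be for this, but whether other caches of the rendered menu exist is not visible here. A comment above the first of the three, such as `// Bind each state-changing GET link to the current session; the page callback validates the token against current_path(), so this path string must match the router path exactly.`, would record that coupling. The `+` union keeps $destination's keys on collision, which is fine only if it never carries a 'token' key; admin_menu_links_icon() begins outside the hunk, so where $destination comes from is not visible.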
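Review bot: The guard added at the top of admin_menu_toggle_modules() carries no comment explaining what it protects, and the identical four lines are repeated at the top of admin_menu_flush_cache() in the next hunk, so the two checks can drift apart. A small helper, `function _admin_menu_valid_request_token() { return isset($_GET['token']) && drupal_valid_token($_GET['token'], current_path()); }`, called as `if (!_admin_menu_valid_request_token()) { return MENU_ACCESS_DENIED; }` in both callbacks, keeps them in step. Validating against current_path() is the right choice since a token minted for one cache name or path cannot be reused for another, but it depends on admin_menu_links_icon() generating tokens for exactly the same path strings, which deserves a why-comment such as `// These callbacks change server state on a GET request; require the session-bound token emitted by admin_menu_links_icon() so the action cannot be triggered by a forged request (CSRF).`. Both function bodies continue outside their hunks.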
@@ -142,7 +142,7 @@ function admin_menu_init() {
 $settings['destination'] = drupal_http_build_query(drupal_get_destination());
 // Hash for client-side HTTP/AJAX caching.
- $cid = 'admin_menu:' . $user->uid . ':' . $language->language;
+ $cid = 'admin_menu:' . session_id() . ':' . $language->language;
 if (!empty($_COOKIE['has_js']) && ($hash = admin_menu_cache_get($cid))) {
 $settings['hash'] = $hash;
 // The base path to use for cache requests depends on whether clean URLs
@@ -372,7 +372,7 @@ function admin_menu_output() {
 global $user, $language;
 $cache_server_enabled = variable_get('admin_menu_cache_server', TRUE);
- $cid = 'admin_menu:' . $user->uid . ':' . $language->language;
+ $cid = 'admin_menu:' . session_id() . ':' . $language->language;
 // Do nothing at all here if the client supports client-side caching, the user
 // has a hash, and is NOT requesting the cache update path. Consult the hash
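Review bot: The cache id at `+ $cid = 'admin_menu:' . session_id() . ':' . $language->language;` writes the raw session identifier into a key that is persisted by the cache backend, and the same line is duplicated in admin_menu_output() in the next hunk. The key only has to be unique per session, so a hashed form such as `$cid = 'admin_menu:' . drupal_hash_base64(session_id()) . ':' . $language->language;` avoids leaving session ids in cache tables and anything that logs cache keys; building it in one helper (for example `_admin_menu_cache_id()`) keeps the two callers identical. Keying by session rather than user also means an entry is abandoned whenever the session id is regenerated (such as at login) and entries accumulate until the bin is cleared; whether anything expires them is not visible in this hunk. With `$user->uid` gone from this line, the `global $user` declaration in admin_menu_init() may now be unused, but its other uses lie outside the hunk.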