Add sniff to check that WP is killed in ajax response functions

[jrfnl]

Check that any function containing a check_ajax_referer( ... ); call, also contains a call to die(), wp_die() or exit at the end of the same function.

This should be a warning, not an error and will need a whitelist comment as the kill call may be delegated to a function which is called from within the function checking the referrer.

[Edit]: calls to wp_send_json(), wp_send_json_success() and wp_send_json_error() should also be accepted as a way to kill WP as they die.

[jrfnl]

Loosely related to #1205