Check your install for unfiltered_html

Check your install for unfiltered_html

Just before the last release, the check for unfiltered_html snuck back into the code base for MU. This means that if you're using code since then, your users can insert malicious code into your site.

Please read this forum post from Donncha for more details. You can update the wp-admin/includes/schema.php so new blogs won't have this, and Donncha has provided a plugin to strip it off any blogs that may be using it.

It is very important that you check your codebase for this.

2 Comments
  • Andrea
    Posted at 19:43h, 28 March Reply

    Il s’agit juste d’un test.

    Esto es sólo una prueba.

  • Arabica
    Posted at 09:45h, 14 October Reply

    Hi Andrea,

    Sirry to pump this old post.
    Just want to mention a broken link to Donncha’s post.

Post A Comment