This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Advanced Custom Fields ACF Front End Posting XSS Security using wp_kses
By North Street, A Creative Studio
If you ever find yourself using ACF Front-end posting, be SURE to add in this snippet to functions.php, to protect the site from possible XSS attacks:
/* Making sure any front-end ACF fields aren't vunderable to attacks.
https://www.advancedcustomfields.com/resources/acf_form/ */
function ns_kses_post( $value ) {
// is array
if( is_array($value) ) {
return array_map('ns_kses_post', $value);
}
// return
return wp_kses_post( $value );
}
add_filter('acf/update_value', 'ns_kses_post', 10, 1);
About north street
We engineer the thoughtful transformation of great organizations. Our proven process helps us understand what your competitors are doing right — and wrong. Want to learn more? Let’s chat.