Advanced Custom Fields ACF Front End Posting XSS Security using wp_kses

By North Street, A Creative Studio

If you ever find yourself using ACF Front-end posting, be SURE to add in this snippet to functions.php, to protect the site from possible XSS attacks:

/* Making sure any front-end ACF fields aren't vunderable to attacks.
https://www.advancedcustomfields.com/resources/acf_form/ */
function ns_kses_post( $value ) {

	// is array
	if( is_array($value) ) {

		return array_map('ns_kses_post', $value);

	}

	// return
	return wp_kses_post( $value );

}

add_filter('acf/update_value', 'ns_kses_post', 10, 1);
About north street

We engineer the thoughtful transformation of great organizations. Our proven process helps us understand what your competitors are doing right — and wrong. Want to learn more? Let’s chat.

More Notes

Collage of colorful shapes, mobile phones, and text.

Welcome to Your 2024 Branding Pep Talk

A bowler hat floating on top of radio waves in the background

CEO Tom Conlon Talks Shop on Podcast Marketing Secrets

Tom Conlon

CEO Tom Conlon in Conversation with The Opinionistics