WordPress.org

Ready to get started?Download WordPress

Forums

XSS attack prevention changes in 2.7.1 (2 posts)

  1. caemusic
    Member
    Posted 5 years ago #

    I've highly customized my php files, so I'd rather not upgrade.. I just want to add the filter enhancements to help prevent XSS attacks so I'm going to do it manually.

    After looking at the diff logs I want to make sure I'm doing it right. I'm assuming red means deleted and green means added? All three patches made changes to formatting.php so it's sort of confusing.

    Are the fixes mentioned on this page the only changes in 2.7.1 that help prevent hacks?

    http://core.trac.wordpress.org/ticket/8767

    Thanks

  2. Samuel Wood (Otto)
    Tech Ninja
    Posted 5 years ago #

    The changes made are rather extensive, I would not recommend attempting to implement them yourself.

    Upgrade. If you have customized files, then consider abstracting your customizations into plugins or non-core files.

Topic Closed

This topic has been closed to new replies.

About this Topic