This plugin hasn’t been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Visual Editor Biography

Description

Replaces the Biographical Info profile field with the WordPress visual editor, TinyMCE, allowing you to editor an author’s biography using rich text.

Please note that this plugins modifies the output of get_the_author_meta('description') and the_author_meta('description'), apply the same filters used to format content in the main editor.

Multisite Compatibility

The Visual Editor Biography plugin is compatibly with WordPress Multisite, just use the Network Activate feature to enable a visual editor on every site. If you only want a visual editor for a specific site then activate the plugin for that site only.

Screenshots

  • The TinyMCE visual editor added to the Users > Profile page
  • The formatted front end view for get_the_author_meta('description') and the_author_meta('description')

Installation

  1. Install easily with the WordPress plugin control panel or manually download the plugin and upload the folder visual-editor-biography to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

Reviews

This appears to improve the security of this

Nice, straightforward plugin.

Replacing the public function save_filters() function with the following appears to sanitize the input:

public function save_filters() {
		
		// Contributor level user or higher required
		if ( !current_user_can('edit_posts') )
			return;
			
		//disable WordPress sanitization to allow more than just $allowedtags from /wp-includes/kses.php
		remove_filter('pre_user_description', 'wp_filter_kses');
		//add sanitization 
		add_filter( 'pre_user_description', 'wp_filter_post_kses');
	}

Credit for the sanitize snippet to: http://badlywired.com/2015/03/allow-html-in-user-description/ (although it may be seen on 1 or 2 other posts/sites).

Works fine, but a security hole.

This plugin is extremely convenient but you should change a line of code before using it.

File: visual-editor-biography.php
Line 137: remove_all_filters(‘pre_user_description’);

This allows you to use HTML by removing all filters, making it impossible for other plugins to adjust anything AND more important, it allows users to run <script> tags. Use this instead:

remove_filter('pre_user_description', 'wp_filter_kses');
add_filter('pre_user_description', 'wp_filter_post_kses');

This removes only the strict HTML filter and replaces it with a less strict version, allowing links, images and markup including divs.

Read all 10 reviews

Contributors & Developers

“Visual Editor Biography” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

1.4

  • Check for ‘edit_posts’ capability instead of ‘contributor’ for accurate role checks
  • Remove ‘the_content’ filters from get_the_author_description() function and instead add filters individually to avoid future conflicts with other plugins: wptexturize(), wpautop() and convert_chars(). Thanks to Matt Wiebe for making this great suggestion.

1.3

  • Restrict the rich text editing profile switch to contributor level users or higher for security
  • Add current_user_can() restrictions for added security throughout plugin

1.2

  • Fix issue with JS loading on user-edit.php; when administrators edit other people’s bio’s

1.1

  • Updates and bug fixes for older WordPress versions
  • Add plugin Banner to /assets/ folder for WordPress repository

1.0

  • Initial public release to the WordPress plugin repository