Support » Plugin: Insert PHP Code Snippet » Dangerously Insecure

  • This is an incredibly dangerous plugin

    Any plugin that allows you to place PHP inside post content is dangerously insecure. With this plugin installed, anybody who can edit, update, or create a post, can place a PHP shell or another attack script inside these short codes and gain an alarming level of control over your WordPress install.

    Because of this, you can also run into trouble and issues with your hosting if they see you have a plugin of this type installed. Some hosts will refuse to host this kind of code precisely because of the security risks involved

    It would be much safer to implement a shortcode instead, or custom theme templates

    • This topic was modified 1 year, 7 months ago by Tom J Nowell.
  • The topic ‘Dangerously Insecure’ is closed to new replies.