Title: Once again about malware
Last modified: July 7, 2024

---

# Once again about malware

 *  Resolved [iframe](https://wordpress.org/support/users/iframe/)
 * (@iframe)
 * [1 year, 10 months ago](https://wordpress.org/support/topic/once-again-about-malware/)
 * Hi.
 * I was cleaning an infected site; there’s a bunch of comments filled with
 * `"onmouseover=\"eval(atob(\'" long string`
 * I wonder, isn’t WordPress supposed to sanitize the comment input form?
 * Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Moderator [threadi](https://wordpress.org/support/users/threadi/)
 * (@threadi)
 * [1 year, 10 months ago](https://wordpress.org/support/topic/once-again-about-malware/#post-17873928)
 * With KSES, WordPress offers a function to clean up the HTML code in the frontend,
   i.e. only permitted HTML elements and attributes are displayed there. However,
   this is only used if the theme used and plugins that output in the frontend also
   use KSES. Improper programming of themes and plugins can lead to problems at 
   this point. With a hacked website, you can also never be sure how KSES is affected.
   Anything can happen through such a hack, which is difficult to grasp and limit.
 * My recommendation would therefore always be not to try a cleanup first but to
   use a clean backup directly. The project should then be secured.
 * See also:
   [https://wordpress.org/documentation/article/faq-my-site-was-hacked/](https://wordpress.org/documentation/article/faq-my-site-was-hacked/)
   [https://developer.wordpress.org/advanced-administration/security/hardening/](https://developer.wordpress.org/advanced-administration/security/hardening/)
 *  Thread Starter [iframe](https://wordpress.org/support/users/iframe/)
 * (@iframe)
 * [1 year, 10 months ago](https://wordpress.org/support/topic/once-again-about-malware/#post-17873935)
 * Oh, I see.
 * The theme in question doesn’t have the [`wp_kses()`](https://developer.wordpress.org/reference/functions/wp_kses/)
   function.
 * Thank you!
 *  Moderator [threadi](https://wordpress.org/support/users/threadi/)
 * (@threadi)
 * [1 year, 10 months ago](https://wordpress.org/support/topic/once-again-about-malware/#post-17873940)
 * There are various wp_kses functions, e.g. `wp_kses_post()`. If this clarifies 
   the question for you, you are welcome to set the topic to solved.


The topic ‘Once again about malware’ is closed to new replies.
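
A detection pass for the cleanup described in the first post, added here as an example and not part of the thread or of WordPress itself: it flags comment bodies that carry an inline event-handler attribute, and notes when an `eval(`/`atob(` call follows it. The `(comment_id, comment_content)` rows are assumed to come from an export of the site's comments table; the function names and sample rows are constructed for illustration.

```python
import re

# Inline event-handler attribute such as onmouseover= followed by a quote.
# The optional backslash covers escaped quotes as they appear in raw SQL dumps.
HANDLER = re.compile(r"""\bon[a-z]{3,}\s*=\s*\\?["']""", re.IGNORECASE)
# Script-decoding calls of the kind quoted in the thread.
ENCODED_CALL = re.compile(r"\b(?:eval|atob)\s*\(", re.IGNORECASE)


def classify(content):
    """Return the list of reasons a comment body looks injected."""
    reasons = []
    handler = HANDLER.search(content)
    if handler:
        reasons.append("event-handler")
        # Only count eval()/atob() when it follows the handler attribute;
        # a comment that merely mentions atob() in prose is not flagged.
        if ENCODED_CALL.search(content, handler.end()):
            reasons.append("encoded-script")
    return reasons


def scan(rows):
    """rows: iterable of (comment_id, comment_content) pairs.
    Returns {comment_id: reasons} for the rows that need manual review."""
    flagged = {}
    for comment_id, content in rows:
        reasons = classify(content)
        if reasons:
            flagged[comment_id] = reasons
    return flagged


# Constructed sample rows (not from a real site). Row 2 follows the shape
# quoted in the thread; "QUJD" is a harmless placeholder for the long string.
SAMPLE_ROWS = [
    (1, "Great article, thanks for sharing!"),
    (2, r'''"onmouseover=\"eval(atob(\'QUJD\'))\"'''),
    (3, "Does atob() work in old browsers? One = 1 in my test."),
    (4, '<a href="https://example.com" onclick="track()">site</a>'),
]

if __name__ == "__main__":
    for comment_id, reasons in scan(SAMPLE_ROWS).items():
        print(comment_id, ", ".join(reasons))
```

Flagged rows are candidates for manual review rather than proof of compromise, and a match says nothing about what else on the site was changed.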

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 3 replies
 * 2 participants
 * Last reply from: [threadi](https://wordpress.org/support/users/threadi/)
 * Last activity: [1 year, 10 months ago](https://wordpress.org/support/topic/once-again-about-malware/#post-17873940)
 * Status: resolved

