Support » Plugins and Hacks » XSS attack prevention changes in 2.7.1

  • caemusic

    (@caemusic)


    I’ve highly customized my php files, so I’d rather not upgrade.. I just want to add the filter enhancements to help prevent XSS attacks so I’m going to do it manually.

    After looking at the diff logs I want to make sure I’m doing it right. I’m assuming red means deleted and green means added? All three patches made changes to formatting.php so it’s sort of confusing.

    Are the fixes mentioned on this page the only changes in 2.7.1 that help prevent hacks?

    http://core.trac.wordpress.org/ticket/8767

    Thanks

Viewing 1 replies (of 1 total)
  • Moderator Samuel Wood (Otto)

    (@otto42)

    The changes made are rather extensive, I would not recommend attempting to implement them yourself.

    Upgrade. If you have customized files, then consider abstracting your customizations into plugins or non-core files.

Viewing 1 replies (of 1 total)
  • The topic ‘XSS attack prevention changes in 2.7.1’ is closed to new replies.