I see that the plugin is not sanitizing user input as per field type.
For instance, text field should be sanitized using the WordPress built-in function
Here is the Recordit Screencast for what i am trying to show:
Notice that if a user enters a script, it gets saved to Database as-is without going through text field sanitization.
I understand not every developer want to run it through this method. Is there a way for me to run the input through these sanitization methods?
something like this where we can add the sanitization method to use as parameter in field array config:
Its usage is defined here:
Similar goes with other field types.
Let me know if you need more clarification on this.
You must be logged in to reply to this topic.