Home>Support>Script tags allowed in editor widget

Script tags allowed in editor widget

By Raja Mohammed, 6 years ago. Last reply by Alex S, 6 years ago.

I have been playing around with Siteorigin and found that the text editor allows script tags which in most case is a vulnerability. the scripts is also not stripped off in WP main editor as well. !
Version 2.6.0
widget 1.11.2
Theme vantage

After reading through the forum it seems siteorigin allowed it intentionally but what kind of security has been done ? .

This is our free support forum. Replies can take several days. If you need fast email support, please purchase a SiteOrigin Premium license.

  1. 6 years, 8 months ago Alex S
    Hi, I Work Here

    Hi Raja,

    Only users with the correct permission (specifically unfiltered_html) are able to add script tags via WordPress (regardless of SiteOrigin Page Builder or not). This is a standard WordPress capability and should only be given to users who need such permissions (which are typically admin users).

Replies on this thread are closed. Please create a new thread if you have a question, or purchase a SiteOrigin Premium license if you need one-on-one email support.

Get The Most Out of SiteOrigin with SiteOrigin Premium

Find Out More