Title: Widget Security
Last modified: August 18, 2016

---

# Widget Security

 *  [drmike](https://wordpress.org/support/users/drmike/)
 * (@drmike)
 * [19 years, 9 months ago](https://wordpress.org/support/topic/widget-security/)
 * Greets:
 * This is more a topic probably for the WPMU forums but I wanted to get some feedback
   from over here since we have folks here who understand the WP code.
 * I’ve been hacking together some widgets for my clients at their request and I’m
   just wondering what filters we should be sending user text input for security
   purposes.
 * I hacked together some [widgets](http://www.tdjc.be/betawidgets.zip) and would
   like some one to take a look at them before I drop them into general use. I’m
   concerned about the titles of the widgets as they are where users would be inputing
   their text. To me, that would be the point where a hack attempt would be made.
 * And, yes, I know I should have made all those into one single file. 🙂
 * Thank you for your time,
    -drmike

Viewing 1 replies (of 1 total)

 *  [Austin Matzko](https://wordpress.org/support/users/filosofo/)
 * (@filosofo)
 * [19 years, 9 months ago](https://wordpress.org/support/topic/widget-security/#post-446733)
 * Why don’t you use ‘title_save_pre’ or ‘content_save_pre’, as WP applies kses 
   to those, depending on the capabilities of the user (in other words it tests 
   whether `current_user_can('unfiltered_html')`)?

Viewing 1 replies (of 1 total)

The topic ‘Widget Security’ is closed to new replies.

## Tags

 * [widgets](https://wordpress.org/support/topic-tag/widgets/)

 * 1 reply
 * 2 participants
 * Last reply from: [Austin Matzko](https://wordpress.org/support/users/filosofo/)
 * Last activity: [19 years, 9 months ago](https://wordpress.org/support/topic/widget-security/#post-446733)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics