Diffstat (limited to 'src/MetaBox.php')
-rw-r--r-- | src/MetaBox.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/MetaBox.php b/src/MetaBox.php
index d11336f..c2386ee 100644
--- a/src/MetaBox.php
+++ b/src/MetaBox.php
@@ -47,7 +47,9 @@ class MetaBox
 return;
 }
- file_put_contents(TimberEditor::getTemplateFilePath($postId), $_POST['timber-editor_content']);
+ $content = wp_kses($_POST['timber-editor_content'], wp_kses_allowed_html('post'));
+
+ file_put_contents(TimberEditor::getTemplateFilePath($postId), $content);
 if (empty($_POST['timber-editor_content'])) {
 wp_delete_file(TimberEditor::getTemplateFilePath($postId));
 } |
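Review bot: `wp_kses()` with the `post` allow-list filters HTML tags and attributes only, so if the file at `getTemplateFilePath()` is later rendered as a template (the name suggests so, but the rendering code is not in this hunk), template syntax in the posted value is written unchanged. The HTML filter therefore does not replace a capability check and nonce verification before the write, which may already be in the guard above the hunk. The value is also filtered without `wp_unslash()`, although WordPress adds slashes to `$_POST`, so I would write `$content = wp_kses(wp_unslash($_POST['timber-editor_content']), wp_kses_allowed_html('post'));`. The `empty()` test below still reads the raw `$_POST` value, so input that the filter reduces to an empty string leaves an empty file instead of being deleted; `if (empty($content)) {` keeps the two consistent. The enclosing method starts and ends outside the hunk.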