Output Encoding
Converting special characters to safe equivalents before inserting data into HTML, URLs, or other contexts.
How it works
Output encoding converts special characters into safe equivalents before the data is inserted into HTML, URLs, or other contexts.
In WordPress
The correct escaping function depends on the output context: esc_html() for HTML text, esc_attr() for attributes, esc_url() for URLs, esc_js() for JavaScript.
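The four contexts listed above, shown in one template as an added example (not code from WP HealthKit or WordPress core). It assumes it runs inside WordPress, for instance from a plugin file; example_profile_card() and its array keys are hypothetical names, and the sample input is constructed.

```php
<?php
// Added example. Assumes WordPress is loaded so the esc_*() functions exist.
// example_profile_card() and the 'name' / 'website' keys are hypothetical.

function example_profile_card( array $profile ) {
	$name    = isset( $profile['name'] ) ? (string) $profile['name'] : '';
	$website = isset( $profile['website'] ) ? (string) $profile['website'] : '';

	ob_start();
	?>
	<div class="profile-card">
		<?php // HTML text node: esc_html() encodes <, >, &, and quotes. ?>
		<h3><?php echo esc_html( $name ); ?></h3>

		<?php // Attribute value: esc_attr() keeps the value inside its quotes. ?>
		<input type="text" name="display_name" value="<?php echo esc_attr( $name ); ?>">

		<?php
		// URL attribute: esc_url() also rejects schemes outside its allowed
		// list, which esc_attr() or esc_html() would not do. The link text is
		// an HTML text node, so it gets esc_html().
		?>
		<a href="<?php echo esc_url( $website ); ?>"><?php echo esc_html( $website ); ?></a>

		<?php // Single-quoted JS string in an inline handler: esc_js(). ?>
		<button type="button" onclick="alert('<?php echo esc_js( $name ); ?>')">Greet</button>
	</div>
	<?php
	return ob_get_clean();
}

// Constructed sample input with characters that are special in each context.
// The same value is escaped differently depending on where it is printed.
echo example_profile_card(
	array(
		'name'    => 'Tom "T" O\'Neil <admin>',
		'website' => 'javascript:void(0)', // esc_url() returns '' for this scheme
	)
);
```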