CRED 1.3.3 With Stability and Security Improvements

   Dario

September 25, 2014

We just released a new bug fix version of CRED (1.3.3). It addresses an important security issue which allowed adding scripts and HTML tags to the content created by CRED forms.

To address this issue in the best possible way, we are now filtering out the script tags and we also added a new Content Filter section to the CRED Settings/Import page.

CRED Settings/Import page - new Content Filter section
CRED Settings/Import page – new Content Filter section

The Content Filter section allows you to choose HTML tags that are allowed for usage in the CRED forms on the front-end. Any other tags will be filtered out when submitting the forms.

You can read more about the new Content Filter section in our documentation, here.

Complete list of fixes and improvements:


Download and Update

You can download all Toolset components from your wp-types.com account.

Questions? Ideas? Suggestions? Leave your feedback here and we’ll reply.

 

Comments 6 Responses

    • Sorry for the late response. What information are you looking for? Please tell me and I will direct you to the right documentation page.

  1. Hello,
    I need ability to allow users to post iframe and embed tags since the field itself is related to video. How can I enable these tags? Can I use some filter hooks and which one?

    Thanks

    • Hi Ljubisa,

      I would suggest you to open a ticket for your question in our official forum, here:
      https://toolset.com/forums/

      This will ensure that you get an exact answer/help with any questions and problems you are struggling with or maybe you are just not sure about.

      Let me try to provide a quick answer to your question. From what I understood:
      – To allow the user to post iframe, you should probably create a custom shortcode
      because iframes are filtered out by WordPress for security reasons.
      – When we are talking about typical embedded video tags, it should be enough to put the video URL in a WYSIWYG editor and WordPress should do the rest.

      I hope this helps. If you’re still not sure on how to resolve this, please open a ticket and our forum support people will be happy to help!

      Thank you.