disable tags on wordpress text editor

WordPress already disallows the use of JavaScript in the editor for users without the unfiltered_html capability. By default, only the Administrator and Editor roles have this capability. If necessary, you could remove this capability from Editor users as well. (It doesn’t make sense to remove it from Administrators, because they will still have the ability to install plugins, and thus execute whatever kind of code they want to.)

This code should do that for you:

function wpse_285333_remove_unfiltered_html_cap() {
    $wp_roles = wp_roles();
    $wp_roles->remove_cap( 'editor', 'unfiltered_html' );
}

// This function actually only needs to run once, so you can comment this out
// after loading the site once.
add_action( 'init', 'wpse_285333_remove_unfiltered_html_cap', 5 );

There are also plugins available to help with managing roles and capabilities.

Related Posts:

  1. Custom wp.editor.initialize settings ignored
  2. SecurityError: Blocked a frame with origin from accessing a cross-origin frame
  3. Remove inline linking tool
  4. How to wrap the content of the main tinyMCE editor with extra tags
  5. Add Item to Custom TinyMCE Menu
  6. How to get value of selected page template in Gutenberg editor?
  7. Strange gibberish JavaScript in Editor – site hacked?
  8. Close TinyMCE plugin window on click away
  9. Trouble adding JavaScript in visual editor (Sharpspring embed code)
  10. How can I get the standard WP-Editor through Javascript?
  11. Make TinyMCE checkbox that returns a value instead of true/false
  12. wp.editor.initialize does nothing
  13. Button insert link on front wp_editor not working
  14. JavaScript && operator in visual editor
  15. Authentication with the Rest API when using an External Application
  16. Media library not working with wp_editor() on the front end
  17. Popup box when Clicking on Insert into post button in wordpress
  18. wordpress 4.4 upgrade visual editor bullets select for not selected elements
  19. How to reference TinyMCE body in my script
  20. Change syntax styling of TinyMCE HTML Text Editor
  21. find out reason of “Updating failed” in Post-editor
  22. Should I manually resolve WP Core File security issues or await a subsequent WP release?
  23. How to stop javascript code being broken when going into visual editor
  24. How to make shortcode which returns HTML?
  25. How to use WP switchEditors.switchto(this) JS function in your own script?
  26. Cannot read properties of undefined (reading ‘show_ui’) Error on WordPress Post Editor
  27. VisualComposer/WPBakery Page Editor: Is any JS event triggered after the Edition pop-in is shown?
  28. Dynamically write in editor with Javascript
  29. &nbsp when I use ENTER for skipping line
  30. None of the JavaScript works when using wp_editor
  31. Securing Contact Form 7 [closed]
  32. Use add_action to run a script, but only on the post editor page
  33. How to securely set dynamic HTML content with JavaScript?
  34. Background color of edit post page
  35. Why Is wp.editor Not Adding the ”Add Media” Button When I Initialize It?
  36. how to refresh page after user logout with ‘wp_logout_url’?
  37. Open image gallery on link click
  38. How do I call for two js files into a custom template?
  39. How to delay display of page elements until enqueued script has injected html
  40. load-scripts.php loads incorrect file names
  41. Retrieve $_POST data to send to javascript without using localize script
  42. Visual editor popover or placeholder
  43. How to change number field to text field using JS
  44. Enqueue concatinated JS file in WordPress
  45. Custom Media Meta fields to alter the generated image HTML that is inserted into a post for my animated GIF image player?
  46. wp_enqueue_scripts doesn’t work for template pages
  47. WordPress text widget with onclick function
  48. Create new product with woocommerce REST API with javascript (clientside)?
  49. Connecting a wordpress site to an AngularJS APP
  50. Can’t change javascript files
  51. how to do open a link in a open window from menu bar? [closed]
  52. Combining results from WP-API using AngularJS
  53. JavaScript and Google PageSpeed + wp_enqueue_script
  54. Javascript file doesn’t load
  55. Script not working in post content
  56. JavaScript problem in a WordPress PAGE
  57. How to identify which javascript is being executed
  58. Put dynamic Javascript in header after doing operations
  59. Unserialize WP_Options options programatically?
  60. how to include js in widget?
  61. early enqueueing javascript file in page template, not in functions.php
  62. Wysiwyg editor not working on 4.2.2
  63. Editing the source of a display for posts (to category recent)
  64. Dequeue set-post-thumbnail.min.js
  65. Extending the “Add Media”-Dialog … how do I finally insert something to the Post?
  66. How to adjust the selector used in JS to target only the one that was clicked on?
  67. WordPress 4.2 mce-views migration guide?
  68. Receive “menu-toogle” event from section menu in customizer
  69. Adding javascript blocks to a single file and adding it to the header
  70. JS files landing on page but not working, using childtheme of twentyeleven
  71. WordPress 4.1 crashes loading of ArcGIS Javascript API
  72. jQuery + more won’t load in header
  73. How to modify a class in load-scripts.js ?
  74. Convert javascript running xml files to wordpress platform
  75. When I click edit on a post, all the content disappear. Does anyone know how to fix this?
  76. WOW.js Script Tag Initialization Header/Footer
  77. How to block action if post is “dirty”?
  78. Remove WordPress default registration client side validation?
  79. How to integrate a different (JavaScript) editor in WordPress?
  80. JS enqueue path (localhost)
  81. Load and execute javascript from body
  82. Why can’t I load JS script in a plugin?
  83. Page template dynamic links based on browser size
  84. javascript errors on mobile browser, not on desktop
  85. Trigger a function during onload
  86. Loaded JavaScript file not showing [duplicate]
  87. WordPress Theme – jQuery JavaScript Library Issue
  88. I keep getting Javascript error messages
  89. How to add additional JavaScript code [duplicate]
  90. custom page url slug needs illegal ?id=1 for javascript
  91. Script loaders vs wp_enqueue_script
  92. PHP or JS for header image rotator?
  93. convertEntities() used before it is defined
  94. Block pattern conflict with custom block
  95. Use one javascript variable into another javascript file
  96. JavaScript: TypeError: xyz is not a function after upgrading WordPress
  97. How do I find stylesheet & javascript handles? [duplicate]
  98. JavaScript errors
  99. JavaScript file successfully registered but does not render correctly
  100. Disable html in custom post types
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)