disable tags on wordpress text editor

WordPress already disallows the use of JavaScript in the editor for users without the unfiltered_html capability. By default, only the Administrator and Editor roles have this capability. If necessary, you could remove this capability from Editor users as well. (It doesn’t make sense to remove it from Administrators, because they will still have the ability to install plugins, and thus execute whatever kind of code they want to.)

This code should do that for you:

function wpse_285333_remove_unfiltered_html_cap() {
    $wp_roles = wp_roles();
    $wp_roles->remove_cap( 'editor', 'unfiltered_html' );
}

// This function actually only needs to run once, so you can comment this out
// after loading the site once.
add_action( 'init', 'wpse_285333_remove_unfiltered_html_cap', 5 );

There are also plugins available to help with managing roles and capabilities.

Related Posts:

  1. Custom wp.editor.initialize settings ignored
  2. SecurityError: Blocked a frame with origin from accessing a cross-origin frame
  3. Remove inline linking tool
  4. How to wrap the content of the main tinyMCE editor with extra tags
  5. Add Item to Custom TinyMCE Menu
  6. How to get value of selected page template in Gutenberg editor?
  7. Strange gibberish JavaScript in Editor – site hacked?
  8. Close TinyMCE plugin window on click away
  9. Trouble adding JavaScript in visual editor (Sharpspring embed code)
  10. How can I get the standard WP-Editor through Javascript?
  11. Make TinyMCE checkbox that returns a value instead of true/false
  12. wp.editor.initialize does nothing
  13. Button insert link on front wp_editor not working
  14. JavaScript && operator in visual editor
  15. Authentication with the Rest API when using an External Application
  16. Media library not working with wp_editor() on the front end
  17. Popup box when Clicking on Insert into post button in wordpress
  18. wordpress 4.4 upgrade visual editor bullets select for not selected elements
  19. How to reference TinyMCE body in my script
  20. Change syntax styling of TinyMCE HTML Text Editor
  21. find out reason of “Updating failed” in Post-editor
  22. Should I manually resolve WP Core File security issues or await a subsequent WP release?
  23. How to stop javascript code being broken when going into visual editor
  24. How to make shortcode which returns HTML?
  25. How to use WP switchEditors.switchto(this) JS function in your own script?
  26. Cannot read properties of undefined (reading ‘show_ui’) Error on WordPress Post Editor
  27. VisualComposer/WPBakery Page Editor: Is any JS event triggered after the Edition pop-in is shown?
  28. Dynamically write in editor with Javascript
  29. &nbsp when I use ENTER for skipping line
  30. None of the JavaScript works when using wp_editor
  31. Securing Contact Form 7 [closed]
  32. Use add_action to run a script, but only on the post editor page
  33. How to securely set dynamic HTML content with JavaScript?
  34. Background color of edit post page
  35. React – uncaught TypeError: Cannot read property ‘setState’ of undefined
  36. Cannot read property ‘push’ of undefined when combining arrays
  37. Check if checkbox is checked with jQuery
  38. What does “res.render” do, and what does the html file look like?
  39. How to pause javascript code execution for 2 seconds [duplicate]
  40. Disable/enable an input with jQuery?
  41. Is there a sleep function in JavaScript?
  42. scrollIntoView Scrolls just too far
  43. How to update array value javascript?
  44. How to use scientific notation in js?
  45. String.Format not work in TypeScript
  46. jQuery Ajax POST example with PHP
  47. JSON.parse unexpected token s
  48. Escaping HTML strings with jQuery
  49. “Cross origin requests are only supported for HTTP.” error when loading a local file
  50. How to destroy a JavaScript object?
  51. wp_enqueue_script : how to change loading order of scripts?
  52. Is there a core Sortable component in Gutenberg?
  53. What are the better WYSIWYG post editor replacement alternatives?
  54. Using webpack to add customizer live preview functionality – wp.customize is not a function
  55. Path to image in js with wp_localize_script [closed]
  56. Load page in customizer preview on panel click?
  57. JQuery not loading
  58. Looping over wordpress meta to create “ ‘s?
  59. How to add API security keys into JS of wordpress securely
  60. How to include a JSON file on my page?
  61. Gutenberg consume wp-json data and reflect in frontend the content
  62. Adding inline JavaScript after wp_enqueue_scripts
  63. How to add “on change” to a text input in contact form7?
  64. How can I get user data into a javascript object?
  65. Why WordPress not using JSON_UNESCAPED_UNICODE by default?
  66. Install GTM in pure javascript through functions.php
  67. Update media library attachments
  68. WordPress load-scripts.php not loading
  69. Add script to page at certain location in wordpress
  70. get_header() in backend – but keep JavaScript and CSS files
  71. Absolutely print script in footer
  72. JavaScript Libraries in WordPress
  73. Removing admin javascript
  74. How can I put this JavaScript into WordPress? [closed]
  75. how to let users upload their custom cover image
  76. how to use nimble-API and Display data?
  77. How do you create your own link preview for my website?
  78. Can’t get rid of JQMIGRATE: Migrate is installed, version 3.3.2. Manually updated all the libralies and site. 5.8.2
  79. Need help in fixing javascript in WordPress
  80. Uncaught TypeError: r is not a function
  81. How to show cities according to the state in Form using Javascript? [closed]
  82. Can I get the user name in JavaScript?
  83. Landing function through URL
  84. Redirect to homepage if attmpting to leave intranet [closed]
  85. Twenty seventeen theme dropdown menu issue
  86. Escaping quotes while enqueuing scripts
  87. How to correctly load this jquery script through the file functions.php?
  88. Create new product with woocommerce REST API with javascript (clientside)?
  89. Combining results from WP-API using AngularJS
  90. Unserialize WP_Options options programatically?
  91. javascript errors on mobile browser, not on desktop
  92. Custom JS doesn’t work after 4.9.9 update [closed]
  93. Loading 2 Different Version of JS files [closed]
  94. Adding react app to an existing wordpress website
  95. Javascript file not included only on home page
  96. Get current day using javascript [closed]
  97. dropdown does not work [closed]
  98. Anyway to disable the auto excerpt creation?
  99. How do I cycle a JS function in WordPress? [closed]
  100. How to build BOTH non-block components and blocks present in the /src directory using @wordpress/scripts