You’re not doing anything unusual or unsafe. You are just defining functions, which is a perfectly normal and reasonable thing to do with JavaScript. If there’s a malicious script running on your page then sure, it could redefine those methods, but it could also do other things that much worse.
This is why you need to make sure that malicious scripts can’t run on the page with basic practices like sanitisation and escaping. There’s no best practice about not defining functions. JavaScript wouldn’t work at all if you weren’t supposed to do that.
Related Posts:
- Does an activated plugin automatically mean its methods are available to other WP functions?
- JavaScript, best way to use data from the loop
- How to add API security keys into JS of wordpress securely
- security concerns if using html data-* attribute for l10n?
- $.ajax results in 403 forbidden
- Retrieve $_POST data to send to javascript without using localize script
- Go Back to Previous Page
- Enforcing password complexity
- Pass media upload value to input field
- Create a global variable for use in all templates
- Where exactly do I write define( ‘WP_DEBUG’, true ) in wp-config file
- Data fetch and delete by ajax request
- Colorbox ajax loading of outside HTML content works perfect on localhost but not on server
- Slide in Panel WordPress Post
- Shortcode Inside Class Not Working
- Using shipped version of jquery
- Bridging TinyMCE js and WordPress PHP?
- Trying to implement Ajax comments in WordPress, getting WP error
- Simple Plugin with custom javascript wont work – no console error
- class click counter save number
- WordPress custom login form using Ajax
- Button not refreshing page
- Call global variable array() in woocommerce child/template
- Ajax – Call to undefined function get_option()
- Detect session/cookie variable in wordpress to prevent access to documents
- Populate dropdown with Child Pages based on Parent Page chosen
- SQL Injection blocked by firewall
- How to inject variables into public-facing JS using wp_enqueue_script
- Ajax random number always the same
- Javascript file is not working on single.php wordpress [closed]
- How to send Ajax request from my plugin in admin dashboard?
- Customizer: Multiple CSS styles on same element in Live Preview
- How to register javascript variables in wp_localize_script?
- Menu jumping when calling it via PHP
- Setting value of session with Ajax not working
- AJAX success response is not working but it’s saving my changes
- Post repeating with infinite scroll
- WordPress Ajax Call inserting data but success response false
- Is the wp_enqueue method efficient?
- admin-ajax Firing Error 400 When Logged In
- Making an AJAX call to refresh a table
- add onchange to select in a wp form
- Jquery window.send_to_editor function
- Troll the hackers by redirecting them
- malware undetectable by multiple scans
- Post repeated when opening in overlay, how do I solve this? [closed]
- Submitting a form, using Ajax, to run a SQL Select query based on user input from the form
- Run JS Code on userlog out
- Is it possible to isolate and use WordPress functions outside of wordpress
- Testing a Form’s Zipcode Field with Regular Expressions to Determine WordPress Page Behaviour
- Hot to check if new posts have been published since page load and notify online users?
- Time Delay a URL Redirect for Specific Page
- Cascading dropdown select search based on Parent Page & Child Page
- WordPress cascading dropdown selection search based on Parent Page & Child Page
- Unable to display multiple parameters from url by javascript through shortcodes
- Settings API form – submit with AJAX
- Search bar for wp menu
- Executing php on button press
- echo cutom css code to WordPress page template file ? is this safe?
- Run do_shortcode on php template using JS function
- global $product is empty string when passed into function
- Use PHP Class in WordPress functions
- Trying to add some custom text into WordPress Post title via function.php
- I have a lot of JavaScript erorrs after SSL someone can help me?
- How can i show specific Category List?
- Using Javascript On Page – Header and Footer Now Missing
- Store data from JavaScript object to custom table in user account
- Site infected by link
- Adding extra data to shortcode attributes and pass it to JS with wp_localize_script
- Show the subcategory name based on current product
- Proper use of Output Buffer for a whole php clas
- Access WP files on “server 1”, from “server 2” – using wp-load on an external website
- Javascript Tab Gallery with Advanced Custom Fields
- Cannot successfully execute AJAX script to call function.php specific function. Using XAMPP localhost to test
- sessionStorage saves input value in browser but it is not loaded in the form field
- Replacing entire tag with shortcode – JavaScript [duplicate]
- How do I make comment-reply-button with that takes to comment reply form on click
- Deny php execution in /wp-includes – using .htaccess in /wp-includes VS root folder
- wordpress all post filter by year
- Generate a radius search of custom post type locations
- custom field – changing an element or background of id div – different versions not working
- Calling WordPress hook from within a class: call to undefined function error
- How to load WP_Editor JS files manually (with AJAX)?
- Bootstrap Carousel Indicators Won’t Cycle On Custom WordPress Theme
- Where to find the html for WordPress site? [closed]
- Why isn’t my custom Javascript showing up in my custom template?
- global $post inside plugin query messes up every new post page in wp-admin
- What is wrong with assigning values to a WP_List_Table class?
- 500 (Internal Server Error) of external php file
- Add title and caption to thumbnail image on mouseover
- Problems with plugin that fetches data from database with ajax
- Dynamic Gallery
- Cannot get custom javascript to execute on page
- How to create and add js and css file when server is not on my PC?
- Object of class WP_Post could not be converted to string while trying to console.log wp_get_nav_menu_items
- Check radio get value to array
- Pass a PHP variable (loop-audio.php) to jQuery function (js/script.js)
- Slick slider not working on wordpress
- Show Login Errors In WordPress/Elementor (Code “works”, but breaks site)
- How can I use AJAX in child theme template?