From a security standpoint, should bloginfo() or get_bloginfo() be escaped?
We have to look a bit deeper here to get an answer to your question. So, bloginfo is a simple wrapper around get_bloginfo. <?php function bloginfo( $show=” ) { echo get_bloginfo( $show, ‘display’ ); } Notice the second argument display. Let’s see what that does. <?php function get_bloginfo( $show = ”, $filter=”raw” ) { // … Read more