SimplePie library is shipped with WordPress core (for a long time now). It is used by it to parse RSS feeds. Your issue is unrelated to it, it’s very clearly a case of hacked site and malicious code being inserted. Please note that recovery from hacks is considered not in scope in here. It’s not … Read more
SimplePie in WordPress uses the built-in kses sanitization, rather than SimplePie’s. Instead, you can filter on wp_kses_allowed_html and add your elements there. Keep in mind that this will occur for all post santization, not just via SimplePie. function se87359_add_allowed_tags($tags) { $tags[‘mytag’] = array(‘myattr’ => true); return $tags; } add_filter(‘wp_kses_allowed_html’, ‘se87359_add_allowed_tags’); If you want to do … Read more