Remediation Steps

Follow the steps below to remediate this finding on WordPress.

  1. Audit scripts enqueued via wp_enqueue_script() and remove or replace third-party CDN sources with self-hosted copies where possible.

  2. For remaining CDN scripts, add SRI hashes via the script_loader_tag filter:

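    add_filter('script_loader_tag', function ($tag, $handle, $src) {
        // Add integrity and crossorigin attributes for specific handles (placeholder handle and hash below)
        $sri = array('example-cdn-handle' => 'sha384-REPLACE_WITH_BASE64_DIGEST');
        if (isset($sri[$handle])) {
            $tag = str_replace(' src=', ' integrity="' . esc_attr($sri[$handle]) . '" crossorigin="anonymous" src=', $tag);
        }
        return $tag;
    }, 10, 3);

  3. Review and disable plugins that load external JavaScript unnecessarily.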
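
An added check, not part of the original page or of WordPress: it computes the `integrity` value needed in step 2 and lists off-site script tags in rendered page HTML that still lack `integrity` or `crossorigin`. The hosts, URLs and the `sha384-AAAA` value in the sample are constructed placeholders.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse


def sri_value(content: bytes, alg: str = "sha384") -> str:
    """Build an integrity attribute value: '<alg>-<base64 digest>'."""
    digest = hashlib.new(alg, content).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


class ScriptAudit(HTMLParser):
    """Collect off-site <script src> tags lacking integrity or crossorigin."""

    def __init__(self, site_host: str):
        super().__init__()
        self.site_host = site_host.lower()
        self.missing = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag != "script" or not a.get("src"):
            return  # not a script, or inline (SRI does not apply)
        # urlparse also resolves protocol-relative URLs such as //cdn.example/x.js
        host = (urlparse(a["src"]).hostname or "").lower()
        off_site = bool(host) and host != self.site_host
        if off_site and not (a.get("integrity") and "crossorigin" in a):
            self.missing.append(a["src"])


def missing_sri(html: str, site_host: str) -> list:
    audit = ScriptAudit(site_host)
    audit.feed(html)
    return audit.missing


# Constructed sample of rendered page output; hosts and hash are placeholders.
SAMPLE_HTML = """
<script src="https://blog.example/wp-includes/js/jquery/jquery.min.js" id="jquery-core-js"></script>
<script src="https://cdn.example/lib/slider.min.js?ver=1.0" id="slider-js"></script>
<script src="//cdn.example/lib/chart.min.js" integrity="sha384-AAAA" crossorigin="anonymous" id="chart-js"></script>
<script id="inline-js">var x = 1;</script>
"""

if __name__ == "__main__":
    for src in missing_sri(SAMPLE_HTML, "blog.example"):
        print("missing SRI:", src)
    print("integrity value:", sri_value(b"/* constructed file body */"))
```

Compute the hash from the exact bytes the CDN serves for the pinned version; if the CDN later changes the file, the browser will refuse to run it until the hash is updated.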