Title: Add Code To Head Author: salubrio Published: 2012 年 9 月 23 日 Last modified: 2026 年 4 月 23 日 --- 搜索插件 ![](https://ps.w.org/add-code-to-head/assets/icon.svg?rev=1263627) # Add Code To Head 作者:[salubrio](https://profiles.wordpress.org/salubrio/) [下载](https://downloads.wordpress.org/plugin/add-code-to-head.1.23.zip) * [详情](https://cn.wordpress.org/plugins/add-code-to-head/#description) * [评价](https://cn.wordpress.org/plugins/add-code-to-head/#reviews) * [安装](https://cn.wordpress.org/plugins/add-code-to-head/#installation) * [开发进展](https://cn.wordpress.org/plugins/add-code-to-head/#developers) [支持](https://wordpress.org/support/plugin/add-code-to-head/) ## 描述 Intended users: Template Designers, Developer, Admins If you wish to add any custom HTML to each page’s header, then this plugin is for you. This is useful for verifying you are the owner of the website to services such as Mailchimp or Google. You can quickly add the verification codes to your page header without having to edit your site’s template. In general, you can add custom CSS, a link to an external JavaScript file or something else. While it is generally recommended to create a child template if you’re going to make extensive, permanent changes to a template, there may be instances where a small change or two is needed that wouldn’t justify the creation of a child template— or your current template might not support child templates. You should nearly always avoid editing a template directly, because your changes will be lost when you next update the template. This plugin is not affected by template changes. ### Acknowledgements Plugin Icon (CC BY 3.0) by [DeniShop](https://www.iconfinder.com/denir) ## 屏幕截图 * [[ * Options screen ## 安装 #### Via the WordPress install plugin option * Click the big ‘Install Plugin’ button in the plugin description window #### Upload If you have a single file (ending in “.zip”), then use this method. 1. From the plugins, add new, click on the **upload** button 2. Navigate to where the .zip file is located and select it 3. Make sure to _activate_ the plugin once it is installed #### Files If you have multiple files in a directory, use this method. 1. Upload the entire directory (not just the files) to the `/wp-content/plugins/` directory 2. Activate the plugin through the ‘Plugins’ menu in WordPress ## 常见问题 ### Q. Will the latest changes resolve CVE-2025-48314? The plugin now normalizes and sanitizes saved head code for users who do not have the `unfiltered_html` capability before it is stored, closing the stored XSS vector described in CVE-2025-48314 for untrusted roles. Site owners who intentionally grant` unfiltered_html` (such as administrators on single-site installs) still bypass this sanitization by design so they can insert arbitrary code. **Bottom line:** the vulnerability of executing arbitrary code in the admin screens should be eliminated, however the functionality exists for _public_ pages and is intentional. Only advanced users who know what they are doing should use this plugin. ### Q. Why aren’t my codes being added to the absolute end of the head? Another plugin or the theme is adding their own codes to the head _after_ this plugin runs. ### Q. I don’t know HTML/JavaScript/CSS; can I still use this plugin? You can, but you shouldn’t. It is far too easy to break your site if you don’t know what you are doing. ### Q. Wordfence says something like “A potentially unsafe operation has been detected in your request to this site.” If you try to add a script or some other potentially-dangerous code (even if it isn’t), Wordfence might complain. Double check your code and if it is okay, mark it as a false positive in Wordfence. ### Q. Help! I messed up my whole site! Disable the plugin. If your site is still messed up, then there’s some other problem. ### Q. I disabled your plugin and the problem went away. Now what? The problem lies in whatever you typed/pasted into this plugin’s option screen. If you’re really stuck, then try clearing out the code and starting over. ### Q. Help! I accidentally erased the code and I didn’t mean to do that. Similar to [how widgets work](https://codex.wordpress.org/WordPress_Widgets), that data is stored in your database. If you made a backup before you deleted the data, then you can restore it that way, otherwise it is gone. ### Q. How do I apply code to only a certain page or pages? Right now you cannot. If there is sufficient demand, then we’ll add it. ### Q. Can I ask for additional functionality? Absolutely! ## 评价 ![](https://secure.gravatar.com/avatar/77552042ee68caa9c061c07ac1370f3b7e6e80d980bc5745c2495c25280b7005? s=60&d=retro&r=g) ### 󠀁[Works flawlessly](https://wordpress.org/support/topic/works-flawlessly-81/)󠁿 [overneathe](https://profiles.wordpress.org/overneathe/) 2017 年 5 月 22 日 Works flawlessly ![](https://secure.gravatar.com/avatar/ac592882c34c61fef0bcd9d68d26e4ef047009ea58232d064ae9edfca046ef5a? s=60&d=retro&r=g) ### 󠀁[works perfectly](https://wordpress.org/support/topic/works-perfectly-947/)󠁿 [neerav](https://profiles.wordpress.org/neerav/) 2016 年 10 月 22 日 used this plugin to add some google code to [ 阅读所有2条评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/) ## 贡献者及开发者 「Add Code To Head」是开源软件。 以下人员对此插件做出了贡献。 贡献者 * [ salubrio ](https://profiles.wordpress.org/salubrio/) [帮助将「Add Code To Head」翻译成简体中文。](https://translate.wordpress.org/projects/wp-plugins/add-code-to-head) ### 对开发感兴趣吗? 您可以[浏览代码](https://plugins.trac.wordpress.org/browser/add-code-to-head/), 查看[SVN仓库](https://plugins.svn.wordpress.org/add-code-to-head/),或通过[RSS](https://plugins.trac.wordpress.org/log/add-code-to-head/?limit=100&mode=stop_on_copy&format=rss) 订阅[开发日志](https://plugins.trac.wordpress.org/log/add-code-to-head/)。 ## 更新日志 #### 1.21 * Fixed bug that caused extra space to be added to head contents. * Code quality and best-practice pass. No database schema changes; existing saved code is unaffected. #### 1.19 * Fix for CVE ID: CVE‑2025‑48314 * Stored head code is sanitized for users without `unfiltered_html`, mitigating the cross-site scripting (XSS) issue for untrusted roles * Note: arbitrary code insertion on public pages remains intentional (and is the point of this plugin). #### 1.17 * Tested compatibility up to WP 6.7.1 * Added note about Wordfence error that might be encountered #### 1.15 * Tested compatibility up to WP 5.7.2 * Reformatted script: converted tabs to spaces #### 1.13 * Tested compatibility up to WP 4.6.1 #### 1.11 * Name changed to (hopefully) reduce confusion. #### 1.10 * Screenshot updated * Compatibility with latest WordPress #### 1.09 * Readme file added #### 1.07 * Original release ## 额外信息 * 版本 **1.23** * 最后更新:**1 月前** * 活跃安装数量 **3,000+** * WordPress 版本 ** 6.1 或更高版本 ** * 已测试的最高版本为 **6.9.4** * PHP 版本 ** 8.0 或更高版本 ** * 语言 * [English (US)](https://wordpress.org/plugins/add-code-to-head/) * 标签 * [code](https://cn.wordpress.org/plugins/tags/code/)[css](https://cn.wordpress.org/plugins/tags/css/) [javascript](https://cn.wordpress.org/plugins/tags/javascript/)[template](https://cn.wordpress.org/plugins/tags/template/) * [高级视图](https://cn.wordpress.org/plugins/add-code-to-head/advanced/) ## 评级 5 星(最高 5 星)。 * [ 2 条 5 星评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/?filter=5) * [ 0 条 4 星评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/?filter=4) * [ 0 条 3 星评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/?filter=3) * [ 0 条 2 星评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/?filter=2) * [ 0 条 1 星评价 ](https://wordpress.org/support/plugin/add-code-to-head/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/add-code-to-head/reviews/#new-post) [查看全部评论](https://wordpress.org/support/plugin/add-code-to-head/reviews/) ## 贡献者 * [ salubrio ](https://profiles.wordpress.org/salubrio/) ## 支持 有话要说吗?是否需要帮助? [查看支持论坛](https://wordpress.org/support/plugin/add-code-to-head/)