Versions 2.27.5 (Premium) and 4.24.4 (free) added extra security to highlighting search terms in post content. Before that, an attacker with contributor access could inject malicious content in the posts and the highlighting would then trigger that. This is now fixed, but the fix comes with a cost: the post content is passed through the wp_kses_post() function which strips out the malicious content, but also useful content.
The easy solution for these problems is to disable the “Highlight query terms in documents” setting. I don’t think it is all that useful in most cases, and all good browsers have an efficient in-page search feature that can be used to find the matching content.
Another option is to adjust the wp_kses_post() functionality with the wp_kses_allowed_html filter hook. If you need to allow CSS styles, for example, you can use this snippet:
add_filter( 'wp_kses_allowed_html', function( $html, $context ) {
if ( 'post' == $context ) {
$html['style'] = true;
}
return $html;
}, 10, 2 );Note that this applies to everywhere on your site that uses the “post” context, not just these highlight cases.
If you have problems with a specific page, you can disable the highlighting feature on that page only:
add_action( 'wp_head', function() {
if ( is_page( 123 ) ) {
remove_filter( 'the_content', 'relevanssi_highlight_in_docs', 11 );
}
} );This checks the current page ID and if it’s 123, unhooks the filter function that adds the highlighting.