kses converts ampersands to & in post titles, post content, and more
|Reported by:||Viper007Bond||Owned by:|
|Cc:||westi, gabriel.koen@…, batmoo@…, boonebgorges@…|
Make a test user that has the "author" role (i.e. no unfiltered_html) and write a post with a title that has & in it. After saving, it will becomes & due to wp_filter_kses(). It gets saved in the database this way too.
It's confusing to the user.
Change History (16)
comment:6 Viper007Bond — 3 years ago
- Summary changed from Low access users get their ampersands escaped in post titles to kses converts ampersands to & in post titles, post content, and more