id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
14556	get_pagenum_link() needs esc_url()	guigouz	nacin	"We're using get_pagenum_link() to build a page navigation instead of older/newer posts only. We've found this vulnerability on multiple sites, here's an example

http://robertbasic.com/blog/?%3E%22'%3E%3CScRiPt%3Ealert(428017202033)%3C/ScRiPt%3E

"	enhancement	closed	normal	3.4	Security	3.0.1	normal	fixed	has-patch	eric@…