id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc
21892,sanitize_option() adds and strip slashes to use the wrong kses functions,nacin,nacin,"sanitize_option() does this:
{{{
$value = addslashes($value);
$value = wp_filter_post_kses( $value ); // calls stripslashes then addslashes
$value = stripslashes($value);
}}}

When it should instead do this:
{{{
$value = wp_kses_post( $value );
}}}

Likewise for wp_filter_kses() versus wp_kses_data().",defect (bug),closed,normal,3.5,Formatting,,normal,fixed,,