id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc
9727,missing escape in wp_update_post?,Denis-de-Bernardy,ryan,"Noticed this while looking into #9539. wp_update_post() starts like this:

{{{
function wp_update_post($postarr = array()) {
	if ( is_object($postarr) )
		$postarr = get_object_vars($postarr);

	// First, get all of the original fields
	$post = wp_get_single_post($postarr['ID'], ARRAY_A);

	// Escape data pulled from DB.
	$post = add_magic_quotes($post);
}}}

Shouldn't it be:

{{{
function wp_update_post($postarr = array()) {
	if ( is_object($postarr) ) {
		// non-escaped post was passed
		$postarr = get_object_vars($postarr);
		$postarr = add_magic_quotes($postarr);
	}

	// First, get all of the original fields
	$post = wp_get_single_post($postarr['ID'], ARRAY_A);

	// Escape data pulled from DB.
	$post = add_magic_quotes($post);

}}}
",defect (bug),closed,normal,2.8,Security,2.8,normal,fixed,has-patch commit,
