Make WordPress Core

Ticket #54182: 54182.diff

File 54182.diff, 524 bytes (added by yagniksangani, 3 years ago)

Diff file

  • src/wp-admin/admin-post.php

    diff --git a/src/wp-admin/admin-post.php b/src/wp-admin/admin-post.php
    index 803a00652c..c42a42230d 100644
    a b nocache_headers(); 
    2929/** This action is documented in wp-admin/admin.php */
    3030do_action( 'admin_init' );
    3131
    32 $action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action'];
     32$action = empty( wp_unslash( $_REQUEST['action'] ) ) ? '' : wp_unslash( $_REQUEST['action'] );
    3333
    3434if ( ! is_user_logged_in() ) {
    3535        if ( empty( $action ) ) {