Make WordPress Core

Changeset 58093


Ignore:
Timestamp:
05/03/2024 02:30:56 PM (9 months ago)
Author:
SergeyBiryukov
Message:

Login and Registration: Check that post_password is a string in wp-login.php.

This prevents a fatal error if an array is passed instead.

Follow-up to [19925], [34909], [58023].

Props dd32, swissspidy.
Fixes #61136.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-login.php

    r58023 r58093  
    754754
    755755    case 'postpass':
    756         if ( ! array_key_exists( 'post_password', $_POST ) ) {
     756        if ( ! isset( $_POST['post_password'] ) || ! is_string( $_POST['post_password'] ) ) {
    757757            wp_safe_redirect( wp_get_referer() );
    758758            exit;
Note: See TracChangeset for help on using the changeset viewer.