WordPress.org

Make WordPress Core

{1} All Tickets (7277 matches)

Create a new ticket
  • All active tickets
  • Sort by component, type, summary
  • Accepted tickets have an '*' appended to their owner's name

Results (1401 - 1500 of 7277)

Ticket Summary Owner Component Priority Severity Milestone Type Workflow Modified Comments
#25435 Introduce alternative to do_shortcode( '[shortcode]' ) rmccue Shortcodes normal normal Future Release feature request has-patch 09/27/2017 31
#33593 Make shortcodes case insensitive Shortcodes normal normal feature request dev-feedback 06/04/2019 2
#15394 Ancient "Are you sure you want to do this" now confusing Security normal minor Future Release defect (bug) dev-feedback 05/17/2019 17
#46792 CPANEL Directory Privacy DoesNOT work With WordPress Admin Directory Security normal blocker Awaiting Review defect (bug) reporter-feedback 04/05/2019 3
#24907 Escape admin_url() when used for ajax_url in admin header Security normal normal Awaiting Review defect (bug) has-patch 06/04/2019 5
#44637 Escape strings in wp-admin/themes.php Security normal normal Awaiting Review defect (bug) reporter-feedback 06/07/2021 2
#52333 Lack of the : entity on the list of allowed entity names in kses.php Security normal minor Awaiting Review defect (bug) has-patch 01/20/2021
#41391 Links to media in password protected pages Security normal normal Awaiting Review defect (bug) 07/24/2017 1
#53618 Nonce use for AJAX calls interferes with page caching Security normal normal Awaiting Review defect (bug) 07/07/2021 1
#37559 Password protected pages require the password only once Security normal normal Awaiting Review defect (bug) 06/04/2019 2
#37264 Please do not chmod 666 the wp-config.php file on installation. Security normal normal Awaiting Review defect (bug) has-patch 03/22/2019 9
#53869 Post type / Taxonomy Label Hardening: Prevent Raw HTML tags in output / Media Library eval of HTML entities in label Security normal normal Awaiting Review defect (bug) has-patch 08/04/2021 3
#53994 REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request Security normal normal Awaiting Review defect (bug) 08/24/2021
#50027 Retire Phpass and use PHP native password hashing Security normal normal Awaiting Review defect (bug) needs-unit-tests 12/10/2020 15
#53019 The _sanitize_text_fields function removing the octets that incorrectly work with Arabic RTL languages. Security normal normal Awaiting Review defect (bug) 05/05/2021 1
#34041 Tying nonces to sessions breaks when users are switched Security normal major Future Release defect (bug) 06/04/2019 5
#50828 Update ca-bundle.crt and remove expired certificates SergeyBiryukov Security normal normal Future Release defect (bug) has-patch 11/10/2021 25
#16483 Visibility: password-protected exposes multiple pages Security normal normal Future Release defect (bug) dev-feedback 09/26/2018 32
#48955 WP 5.3.1 changes cause potential backwards compatibility breakage with kses Security normal normal Future Release defect (bug) 08/12/2020 28
#53973 WordPress <= 5.8 - Authenticated Persistent XSS (User role name) Security normal normal Awaiting Review defect (bug) dev-feedback 01/03/2022 6
#34852 fix broken re-auth loop (due to expired session) Security normal normal Awaiting Review defect (bug) 06/04/2019 1
#31686 wp_authenticate_username_password() should check for a WP_Error object Security normal normal Awaiting Review defect (bug) reporter-feedback 08/06/2019 6
#37670 wp_validate_redirect fails when running WordPress on a port Security normal normal Awaiting Review defect (bug) reporter-feedback 06/04/2019 2
#38260 A FORCE_SSL_CANONICAL constant Security normal normal Awaiting Review enhancement 06/04/2019 1
#38259 A FORCE_SSL_CONTENT constant Security normal normal Awaiting Review enhancement 06/04/2019 1
#38261 A FORCE_SSL_SCRIPTS constant Security normal normal Awaiting Review enhancement 06/04/2019 2
#37757 Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+ Security normal normal Awaiting Review enhancement has-patch 09/13/2017 7
#52639 Add proper Security Attributes to the Cookies set by WordPress Security normal normal Awaiting Review enhancement reporter-feedback 02/24/2021 7
#23165 Admin validation errors on form nonce element IDs (_wpnonce) Security normal normal Awaiting Review enhancement has-patch 02/08/2021 17
#54775 Allow int/float for esc_ functions Security normal normal Awaiting Review enhancement close 01/10/2022 2
#39656 Create a submenu item under About admin bar for security Security normal normal Awaiting Review enhancement 01/23/2017 2
#53296 Do trim $hook_name within add_action() and add_filter() function Security normal normal Awaiting Review enhancement has-patch 05/29/2021
#40237 Educate users about modern password best-practices Security normal normal Awaiting Review enhancement 02/09/2018 7
#51611 Escape echoing Core functions Security normal normal Awaiting Review enhancement 10/24/2020 1
#28521 FORCE_SSL constant for really forcing SSL Security normal normal Future Release enhancement 07/01/2019 21
#43320 Harden API requests against man-in-the-middle attacks Security low minor Awaiting Review enhancement 02/18/2018 2
#53946 Improve return types for sanitizing/escaping functions Security normal normal Awaiting Review enhancement 08/19/2021 5
#50510 Improve security of wp_nonce implementation Security normal normal Awaiting Review enhancement dev-feedback 06/24/2021 4
#44058 Include security sniffs in PHPCS ruleset Security normal normal Future Release enhancement 05/16/2018 3
#51159 Let's expand our context specific escaping methods for wp_json_encode(). Security normal normal Awaiting Review enhancement 08/27/2020 1
#36087 Migration plan from insecure RNG fallback Security normal normal Future Release enhancement 09/30/2020 3
#51407 Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility adamsilverstein Security normal normal Future Release enhancement dev-feedback 11/09/2021 12
#52544 Removing database tables allows anyone to take over all website files Security normal major Awaiting Review enhancement 03/31/2021 13
#54512 Suggestion for file protection Security normal normal Awaiting Review enhancement 11/25/2021
#37000 Support for the SameSite cookie attribute Security normal normal Future Release enhancement dev-feedback 09/03/2021 41
#29429 Support frame-ancestors directive over X-Frame-Options Security normal normal Future Release enhancement dev-feedback 07/29/2019 3
#38262 Task: Opt in SSL Improvements Security normal normal Awaiting Review enhancement 02/05/2020 3
#51438 Use CSP directive upgrade-insecure-requests when using HTTPS Security normal normal Future Release enhancement needs-unit-tests 11/09/2021 4
#52388 Use HTTPS URL already during installation if supported Security normal normal Future Release enhancement needs-unit-tests 01/28/2021
#21022 Use bcrypt for password hashing; updating old hashes Security normal major Future Release enhancement dev-feedback 04/16/2021 111
#37941 add rel="noopener noreferrer" to any target="_blank" nicolapeluchetti Security normal normal Awaiting Review enhancement close 07/30/2021 22
#47440 add_header X-Frame-Options Security normal normal Awaiting Review enhancement close 05/31/2019 1
#36177 default htaccess should include security measures Security normal normal Awaiting Review enhancement 11/09/2021 18
#38474 wp_signups.activation_key stores activation keys in plain text SergeyBiryukov Security normal normal Future Release enhancement has-patch 01/08/2019 15
#54280 wp_verify_nonce should return a filter Security normal normal Awaiting Review enhancement 10/17/2021
#37604 'Password Lost/Changed' emails should give indication of the strength of the new password Security normal normal Future Release feature request dev-feedback 04/09/2018 5
#43215 Allow wp_kses to pass allowed CSS properties Security normal normal Awaiting Review feature request 02/02/2018
#20140 Ask old password to change user password Security normal normal Future Release feature request dev-feedback 06/04/2019 20
#53902 Automating the creation of inline javascript and inline stylesheet nonces or hashes Security normal normal Awaiting Review feature request 01/03/2022 2
#38536 Hook/Function to Set Content-Security-Policy Security normal normal Awaiting Review feature request 06/04/2019 2
#32067 Remove inline javascript from WP-Core to allow CSP protection Security normal normal Future Release feature request 09/28/2020 19
#50613 disable update for themes e plugin Security normal normal Awaiting Review feature request 07/09/2020 1
#50437 Add leniency to the overdue check for plugin and theme auto updates Security normal normal Future Release task (blessed) 07/14/2020 7
#53848 'is_feed was called incorrectly' notice if `wp_styles()` is called before the query Script Loader normal normal Awaiting Review defect (bug) 12/14/2021 1
#37362 @font-face errors with dashicons in Microsoft Edge Script Loader normal normal Awaiting Review defect (bug) 12/11/2017 4
#43900 Add hint about blocked Javascript as possible error reason in script-loader.php Script Loader normal normal Awaiting Review defect (bug) 05/02/2018 8
#30036 Add some escaping to $handle when printing styles. Script Loader normal normal defect (bug) 06/04/2019 2
#42438 Add support for preload links (similar to resource hints) swissspidy Script Loader normal normal Future Release defect (bug) needs-unit-tests 04/21/2020 12
#51837 Adding `add_theme_support` for html5 for scripts, does not remove the type attribute from `wp-emoji-release.min.js` SergeyBiryukov Script Loader normal normal 6.0 defect (bug) has-patch 11/15/2021 8
#49192 All plugin style tags are empty after upgrade to 5.3.2 Script Loader normal major Awaiting Review defect (bug) reporter-feedback 01/20/2020 2
#37756 Allow inline scripts on script aliases Script Loader normal normal Future Release defect (bug) needs-unit-tests 12/13/2019 4
#34591 BugFix to WP_Scripts::do_item(), remove doubled "//" Script Loader normal normal Awaiting Review defect (bug) needs-unit-tests 02/05/2017 4
#24713 Compression in load_styles.php does not always work, causing inability to use the admin Script Loader normal normal defect (bug) 06/04/2019 1
#45106 Concerns related to moving mce_external_plugins filter to WP_Scripts::__construct Script Loader normal normal Awaiting Review defect (bug) 01/16/2019
#26113 Create a WordPress-specific, dependable reference to the WP-bundled jQuery object. Script Loader normal normal defect (bug) 06/04/2019 2
#52320 Empty entries in WP_Scripts 'extra' field Script Loader normal trivial Awaiting Review defect (bug) 02/23/2021
#17916 Enqueued styles are only printed on login_footer in wp-login.php Script Loader normal normal Future Release defect (bug) dev-feedback 08/10/2018 38
#45008 Inconsistent use of 'script_loader_src' and 'style_loader_src' filters when performing concatenation Script Loader normal normal Awaiting Review defect (bug) has-patch 09/27/2018
#40134 Invalid data for scripts in footer Script Loader normal normal Awaiting Review defect (bug) 03/12/2017
#13078 Make wp_register_style and wp_enqueue_style consistent Script Loader normal normal defect (bug) has-patch 06/04/2019 3
#46089 Memory exhaustion when setting script translations on `wp-i18n` Script Loader normal normal Future Release defect (bug) needs-unit-tests 02/04/2021 14
#36779 Move /wp-admin/load-scripts.php and /wp-admin/load-styles.php to /wp-includes Script Loader normal normal defect (bug) 06/04/2019
#47789 NGINX: Request for media-view.js leads to "zero size buf in writer" Script Loader normal normal Awaiting Review defect (bug) 10/20/2019 4
#49742 No longer able to enqueue multiple Google Fonts with wp_enqueue_style Script Loader normal normal Awaiting Review defect (bug) 11/10/2021 8
#54800 Nonce creation causes DB access errors when initializing multisite networks peterwilsoncc Script Loader normal normal 5.9.1 defect (bug) has-patch 01/19/2022 17
#35963 Only remove item from WP_Dependencies::to_do if it was successfully processed Script Loader normal normal defect (bug) needs-unit-tests 06/04/2019 2
#53566 Pass the asset path to the `_doing_it_wrong()` notice in `register_block_script_handle()` Script Loader normal normal Awaiting Review defect (bug) 06/30/2021
#21520 Prevent recursive script dependencies in wp_enqueue_script Script Loader normal normal defect (bug) 06/04/2019 11
#40426 Remove dns-prefetch of s.w.org domain Script Loader normal minor Awaiting Review defect (bug) has-patch 04/17/2021 5
#15833 Script concatenation fails to take external dependencies into account. Script Loader normal normal Future Release defect (bug) 05/21/2019
#49470 Script loader: simplify maintenance Script Loader normal normal Future Release defect (bug) 07/21/2020 5
#40737 Script tags inside unclosed HTML comment in value passed to WP_Script->localize() breaks page Script Loader normal normal Awaiting Review defect (bug) has-patch 06/01/2017
#52879 The SCRIPT_DEBUG constant is ignored when concatenating scripts Script Loader normal minor 6.0 defect (bug) 11/15/2021 8
#42440 Uncaught TypeError: $(...).wpColorPicker is not a function Script Loader normal normal Awaiting Review defect (bug) 11/06/2017 1
#36448 When concatenating scripts in script-loader dependencies may not be honoured. Script Loader normal normal defect (bug) 06/04/2019 1
#36449 When concatenating styles in script-loader dependencies may not be honoured. Script Loader normal normal defect (bug) 06/04/2019 1
#39991 jQuery UI Datepicker Localization Error with PHP date 'S' Script Loader normal normal Future Release defect (bug) has-patch 10/25/2018 6
#54777 passing empty object to wp_localize_script will convert it to empty array instead of empty object Script Loader normal normal Awaiting Review defect (bug) 01/10/2022 1
#47322 scenario based-bug in the file load-style.php Script Loader normal normal Awaiting Review defect (bug) 05/20/2019
#53741 wp-admin/css/common.min.css is loading on the front-end Script Loader normal normal Future Release defect (bug) needs-docs 11/02/2021 14
Note: See TracReports for help on using and creating reports.