#2691
|
HTML comments in posts aren't handled properly.
|
adamsilverstein*
|
needs-unit-tests
|
normal
|
normal
|
Future Release
|
defect (bug)
|
04/21/2024
|
#27350
|
Invalid HTML Output
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
08/13/2024
|
#17491
|
Make is_email() compliant with RFC5322 (updated by RFC6854)
|
|
needs-unit-tests
|
normal
|
minor
|
Future Release
|
defect (bug)
|
08/21/2024
|
#38044
|
Make seems_utf8() RFC 3629 compliant.
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
09/30/2024
|
#6297
|
Unbalanced tags across more and nextpage tags
|
|
|
normal
|
normal
|
Future Release
|
defect (bug)
|
03/15/2019
|
#55452
|
`safecss_filter_attr` removes background-images with URL parameters
|
|
|
normal
|
normal
|
Future Release
|
defect (bug)
|
04/20/2022
|
#29807
|
add support for picture element and srcset attribute on img in wp_kses
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
03/11/2024
|
#58902
|
add_query_arg() should esc_url_raw() REQUEST_URI
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
10/04/2024
|
#24487
|
is_email() does not recognize IDN domains
|
|
has-patch
|
normal
|
minor
|
Future Release
|
defect (bug)
|
04/28/2021
|
#17433
|
localhost is not accepted as email domain
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
03/20/2018
|
#45702
|
make_clickable() doesn't handle linked text being a URL with spaces within it
|
|
needs-unit-tests
|
low
|
trivial
|
Future Release
|
defect (bug)
|
04/03/2019
|
#47164
|
map_deep in formatting.php do not handle null-byte
|
|
dev-feedback
|
normal
|
critical
|
Future Release
|
defect (bug)
|
02/23/2023
|
#55257
|
map_deep() function incompatibility with incomplete objects in PHP 8.0+
|
|
dev-feedback
|
normal
|
major
|
Future Release
|
defect (bug)
|
08/08/2023
|
#44793
|
remove_accents() doesnt escape all versions of "i"
|
SergeyBiryukov
|
dev-feedback
|
normal
|
normal
|
Future Release
|
defect (bug)
|
09/22/2019
|
#24157
|
safecss_filter_attr doesn't allow rgb() in inline styles
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
06/09/2024
|
#50855
|
sanitize_file_name function not working as expected if there is '%20' in filename
|
audrasjb*
|
dev-feedback
|
normal
|
normal
|
Future Release
|
defect (bug)
|
10/07/2022
|
#33924
|
sanitize_html_class valid characters
|
|
dev-feedback
|
normal
|
normal
|
Future Release
|
defect (bug)
|
09/20/2022
|
#55996
|
the get_the_block_template_html call all the same functions as the the_conent filter so they are run twice
|
|
dev-feedback
|
normal
|
normal
|
Future Release
|
defect (bug)
|
08/28/2024
|
#54488
|
wp_filter_nohtml_kses does not remove HTML comments
|
audrasjb
|
dev-feedback
|
normal
|
normal
|
Future Release
|
defect (bug)
|
10/12/2023
|
#37698
|
wp_kses_split global variable pollution
|
|
has-patch
|
normal
|
normal
|
Future Release
|
defect (bug)
|
02/09/2021
|
#40202
|
wpautop bad code
|
|
|
normal
|
normal
|
Future Release
|
defect (bug)
|
05/21/2020
|
#2833
|
wpautop breaks style and script tags
|
|
dev-feedback
|
low
|
normal
|
Future Release
|
defect (bug)
|
03/21/2024
|
#38656
|
wpautop incorrectly handling paragraphs within block elements
|
|
needs-unit-tests
|
normal
|
normal
|
Future Release
|
defect (bug)
|
03/26/2019
|
#43785
|
wptexturize fails to skip JavaScript if code contains <
|
|
needs-unit-tests
|
normal
|
normal
|
Future Release
|
defect (bug)
|
07/10/2024
|
#47594
|
Add nbsp symbol codes to convert throught sanitize_title
|
SergeyBiryukov*
|
has-patch
|
normal
|
minor
|
Future Release
|
enhancement
|
10/28/2021
|
#51707
|
Add white-space as an allowed kses CSS attribute.
|
|
has-patch
|
normal
|
normal
|
Future Release
|
enhancement
|
11/15/2020
|
#19100
|
Introduce esc_color()
|
|
dev-feedback
|
normal
|
normal
|
Future Release
|
enhancement
|
03/04/2020
|
#60319
|
PHPUnit test for wp_spaces_regexp
|
|
has-patch
|
normal
|
normal
|
Future Release
|
enhancement
|
10/09/2024
|
#60300
|
PHPunit Test for wp_staticize_emoji_for_email
|
|
has-patch
|
normal
|
normal
|
Future Release
|
enhancement
|
10/09/2024
|
#39636
|
Smilies not converted when directly followed by punctuation marks
|
|
dev-feedback
|
normal
|
normal
|
Future Release
|
enhancement
|
04/11/2022
|
#52886
|
Update esc_url to allow for specifying an https:// as default protocol
|
|
has-patch
|
normal
|
normal
|
Future Release
|
enhancement
|
07/05/2022
|
#55962
|
Upgrade `sanitize_hex_color()` to CSS Color Level 4
|
pbearne
|
dev-feedback
|
normal
|
normal
|
Future Release
|
enhancement
|
01/17/2024
|
#32787
|
make_clickable filter
|
johnjamesjacoby
|
needs-unit-tests
|
normal
|
normal
|
Future Release
|
enhancement
|
08/02/2022
|
#12056
|
target="_blank" being stripped from Profile Bio and Category Description
|
|
needs-unit-tests
|
normal
|
normal
|
Future Release
|
enhancement
|
10/03/2024
|
#49484
|
Add option 'OR' to wp_sprintf_l()
|
SergeyBiryukov
|
has-patch
|
normal
|
normal
|
Future Release
|
feature request
|
10/20/2020
|
#48261
|
"noopener noreferrer" mis-parses links with "rel=" parameters
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
10/09/2019
|
#57235
|
'excerpt_remove_blocks' removes list blocks
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
11/30/2022
|
#51287
|
Administrators & Editors can't create localfile links in a multisite installation
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
09/24/2020
|
#56531
|
Aiming to “kill” entities, `sanitize_title_with_dashes()` happens to eat content
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
09/25/2022
|
#57713
|
Alignment on "You appear to be making direct edits to... ..." CTA
|
|
reporter-feedback
|
normal
|
minor
|
Awaiting Review
|
defect (bug)
|
02/14/2023
|
#59158
|
Altering Details block styles doubling .wp-block-details class in the output
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/21/2023
|
#60191
|
Ampersand in non-entities such as &a; is not escaped
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
02/27/2024
|
#43810
|
Apostrophe issue
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
02/18/2022
|
#41304
|
Bad protocol sanitization in KSES for URLs NOT RFC 3986 compliant
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/13/2017
|
#39153
|
Bug in wp_html_split with unclosed PHP tag (or HTML tag <)
|
|
needs-unit-tests
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
03/02/2018
|
#48873
|
CSS Selectors in style tags containing greater than signs are escaped
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
12/04/2019
|
#40552
|
Calling wp_parse_args() early, with $args as empty string, may cause fatal error
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
06/19/2021
|
#56530
|
Combining tilde passes `sanitize_title_with_dashes()` and so do most other diacritics
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
09/08/2022
|
#62156
|
Defining custom colors in styles color palette removes other colors from palette in several block editor places
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
10/02/2024
|
#56709
|
Encountered a problem that no one has ever met Please help me
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/08/2023
|
#57381
|
Filter wptexturize brokes tailwindcss brackets
|
|
reporter-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
05/28/2024
|
#43155
|
Formatting bug with ampasands - WooCommerce Layered Nav
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
01/24/2018
|
#40045
|
HTML code entered using "Text" mode gets garbled
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
03/06/2017
|
#49217
|
HTML error with the multi-level list in Classic Editor
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
01/17/2020
|
#61595
|
Hyphenation problem in Dutch language
|
|
reporter-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/08/2024
|
#52463
|
Inline SVG - foreignObject support
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
02/09/2021
|
#47973
|
Invalid HTML output from image_caption + wpautop combination
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/11/2020
|
#62038
|
Issue with is_email() and sanitize_email()
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/24/2024
|
#59056
|
LOST Formatting/Settings when Live Site is copied to Staging or Cloned
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/21/2023
|
#56656
|
Move accent removal from `sanitize_title_with_dashes()` to `remove_accents()`
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
09/26/2022
|
#40191
|
Multiline post content with `<` as first character becomes malformed
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
03/02/2018
|
#34722
|
Open P Tag in shortcode related to h tag
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/20/2017
|
#50197
|
PHP 7.4 Compatibility with WP 5.4.1 – problem with seems_utf8()
|
|
close
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/29/2022
|
#53160
|
PHP 7.4 map_deep compatibility issue
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
05/05/2021
|
#61268
|
PHP Deprecated: ltrim() in formatting esc_url.
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/01/2024
|
#58406
|
Post/Page Content Renders Empty
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/26/2023
|
#55949
|
Prevent trailingslashit from removing backslash for valid filenames on linux systems
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
06/08/2022
|
#39190
|
RSS feed not valid: U+001A or 0x1a
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
01/04/2019
|
#41711
|
Remove hAtom from core
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/29/2017
|
#58616
|
Replace apostrophe with hyphen for slugs
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
06/25/2023
|
#57021
|
Sanitize should accept broader types
|
|
close
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
05/08/2024
|
#52517
|
Shortcodes inside AMP tags do not work
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
06/02/2023
|
#51353
|
Smart Quote Bug
|
|
reporter-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/18/2020
|
#55563
|
The function get_allowed_mime_types should check wp_get_current_user
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
04/12/2022
|
#46846
|
Tight comparisons and use of Yoda conditions are not consistent
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
04/09/2019
|
#30495
|
Unicode character U+000B is not removed by sanitize_file_name
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/27/2018
|
#42058
|
Unit test for _autop_newline_preservation_helper()
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
12/11/2017
|
#59691
|
WordPress doesn't sanitize character ʼ (unicode U+02BC) when converting post title to slug
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
10/20/2023
|
#39188
|
Wrapping paragraph tags around 'Read More' link stripped out of custom post type
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
03/15/2019
|
#50863
|
[playlist] + text = </p> error
|
|
needs-unit-tests
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/06/2020
|
#53023
|
_wp_json_convert_string type mismatch: returns string on success; false on failure
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
10/09/2024
|
#55821
|
`is_email()` does not follow PHP FILTER_VALIDATE_EMAIL rules, when an email has double period (..)
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
06/17/2023
|
#56119
|
`wp_unslash()` and `wp_slash()` do not (un)slash the same data.
|
|
dev-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/11/2022
|
#58666
|
added HTML tags in HTML block
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
06/29/2023
|
#53041
|
colors.css is using the old blue.
|
|
dev-feedback
|
normal
|
minor
|
Awaiting Review
|
defect (bug)
|
04/15/2021
|
#42182
|
esc_js must escape U+2028 and U+2029
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
10/11/2017
|
#46791
|
esc_url() adding http:// to a relative URL to parent directory '../pathname/'
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
05/23/2019
|
#39847
|
force_balance_tags not properly balancing < with <strong> and </strong>
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/22/2024
|
#56433
|
invalid regex used in preg_replace
|
|
reporter-feedback
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
08/24/2022
|
#60391
|
links_add_base_url will encode all attribut in null passed in
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
01/30/2024
|
#40324
|
make_clickable doesn't work if url stands after an even number off spaces
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
03/31/2017
|
#50514
|
make_clickable nested links bug
|
|
needs-unit-tests
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
10/12/2020
|
#60138
|
make_clickable() processing emails start with www. incorrectly.
|
|
has-patch
|
normal
|
trivial
|
Awaiting Review
|
defect (bug)
|
02/15/2024
|
#53815
|
safecss_filter_attr removes styles with min() max() and minmax()
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
07/28/2021
|
#46966
|
urlencode query string parameters
|
|
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
08/20/2019
|
#58377
|
wp_kses filters custom block name with consecutive hyphens
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
05/23/2023
|
#61246
|
wp_kses makes HTML comment HTML uncommented
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/03/2024
|
#58921
|
wp_kses_allowed_html doesn't allow to add esi:include
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
06/22/2024
|
#62024
|
wp_kses_post incorrectly escapes "<" attributes values
|
|
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/10/2024
|
#54138
|
wp_strip_all_tags should remove scripts/styles content recursively
|
|
has-patch
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
09/16/2021
|