Make WordPress Core

{1} All Tickets (8360 matches)

Create a new ticket
  • All active tickets
  • Sort by component, type, summary
  • Accepted tickets have an '*' appended to their owner's name

Results (6701 - 6800 of 8360)

Script Loader (42 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#38548 Add new filters on wp_script_is/wp_style_is normal normal Awaiting Review enhancement 03/26/2019
#60163 Block editor admin assets should use asset file version when in debug/local mode normal normal Awaiting Review enhancement 12/28/2023
#51200 Consider a better way to deprecate JavaScript code normal normal Awaiting Review enhancement 08/31/2020 1
#59132 Create two filters in wp_scripts() and wp_styles(). reporter-feedback normal normal Awaiting Review enhancement 11/27/2023 4
#60734 Deregistering Open Sans normal normal Awaiting Review enhancement 03/09/2024 1
#55639 Implement Async CSS normal normal Awaiting Review enhancement 06/10/2025 2
#43403 Improve wp_add_inline_script() normal normal Awaiting Review enhancement 02/24/2018
#52497 New filter "wp_script_attributes" doesn't take effort in enqueued scripts normal normal Awaiting Review enhancement 02/11/2021
#59076 Proposal for removing the version numbers of the JS and CSS files when SCRIPT_DEBUG is set to true normal normal Awaiting Review enhancement 08/11/2023
#60234 Script Modules API: Add a translations API normal normal Awaiting Review enhancement 05/06/2025 2
#61500 Script Modules: Allow scripts to depend on modules has-patch normal normal Awaiting Review enhancement 12/19/2024 8
#61771 Script Modules: add the importmap's scopes key normal normal Awaiting Review enhancement 09/27/2024 1
#62709 Script modules integration with wp_resource_hints normal minor Awaiting Review enhancement 12/19/2024 2
#43825 Style/script loading infrastructure: Etag header as a hash of script/style handles and their corresponding versions normal normal Awaiting Review enhancement 01/16/2019
#38800 add WP_ADMIN_URL and WP_INCLUDES_URL constants normal normal Awaiting Review enhancement 09/29/2017 3
#43781 adding apply_filters on $handle in localize normal normal Awaiting Review enhancement 04/16/2018 1
#38054 class.wp-scripts.php - add_action when init is already doing reporter-feedback normal normal Awaiting Review enhancement 04/09/2019 1
#40276 enhancement: add a $type parameter to wp_add_inline_script() normal normal Awaiting Review enhancement 11/08/2021 3
#56425 wp_localize_script assign to const and freeze instead of var to avoid reassignments dev-feedback normal normal Awaiting Review enhancement 11/08/2022 6
#37162 wp_style_add_data and wp_script_add_data should accept SRI information normal normal Awaiting Review enhancement 11/14/2018 2
#44211 Add cookie domain to `userSettings` script localize has-patch normal normal Awaiting Review feature request 10/12/2020
#40485 Add function for retrieving metadata from registered script has-patch normal normal Awaiting Review feature request 06/07/2017
#58873 Add function to pass variables to scripts normal normal Awaiting Review feature request 07/22/2023
#47285 Better Management of External Asset Dependencies normal major Awaiting Review feature request 07/24/2024 6
#56993 I want to put a filter in the wp_enqueue_block_support_styles function. normal normal Awaiting Review feature request 10/25/2023 1
#55618 combine/concatenate enqueued relative js/css normal normal Awaiting Review feature request 04/25/2022
#30036 Add some escaping to $handle when printing styles. normal normal 6.9 defect (bug) 06/10/2025 3
#63017 Compression via PHP documented and in URL but not used anymore has-patch normal normal 6.9 defect (bug) 03/23/2025 7
#63018 Increase styles_inline_size_limit from 20,000 bytes westonruter* normal normal 6.9 enhancement 03/26/2025 1
#61734 Add the ability to handle "fetchpriority" to ES Modules and Import Maps westonruter* has-patch normal minor 6.8.2 enhancement 06/20/2025 21
#24713 Compression in load_styles.php does not always work, causing inability to use the admin normal normal defect (bug) 06/04/2019 1
#26113 Create a WordPress-specific, dependable reference to the WP-bundled jQuery object. normal normal defect (bug) 06/04/2019 2
#53638 Duplicate inline JS normal minor defect (bug) 06/12/2024 5
#13078 Make wp_register_style and wp_enqueue_style consistent has-patch normal normal defect (bug) 06/04/2019 3
#36779 Move /wp-admin/load-scripts.php and /wp-admin/load-styles.php to /wp-includes normal normal defect (bug) 06/04/2019
#35963 Only remove item from WP_Dependencies::to_do if it was successfully processed needs-unit-tests normal normal defect (bug) 06/04/2019 2
#21520 Prevent recursive script dependencies in wp_enqueue_script normal normal defect (bug) 06/04/2019 11
#36448 When concatenating scripts in script-loader dependencies may not be honoured. normal normal defect (bug) 06/04/2019 1
#36449 When concatenating styles in script-loader dependencies may not be honoured. normal normal defect (bug) 06/04/2019 1
#25666 Pass perpetrating $handle to enqueue_script's _doing_it_wrong() call normal normal enhancement 06/04/2019 4
#36791 Set load order when enqueuing scripts and styles has-patch normal normal enhancement 06/04/2019 4
#20558 allow wp_localize_script data to be added to existing objects dev-feedback normal normal enhancement 06/04/2019 6

Security (49 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#53973 WordPress <= 5.8 - Authenticated Persistent XSS (User role name) has-patch normal normal Future Release defect (bug) 03/12/2025 13
#56141 Enhance installer security dev-feedback high major Future Release enhancement 12/31/2023 14
#28521 FORCE_SSL constant for really forcing SSL adamsilverstein normal normal Future Release enhancement 11/19/2024 26
#44058 Include security sniffs in PHPCS ruleset normal normal Future Release enhancement 05/16/2018 3
#36087 Migration plan from insecure RNG fallback normal normal Future Release enhancement 09/30/2020 3
#51407 Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility adamsilverstein dev-feedback normal normal Future Release enhancement 12/26/2023 15
#37000 Support for the SameSite cookie attribute dev-feedback normal normal Future Release enhancement 06/06/2024 45
#29429 Support frame-ancestors directive over X-Frame-Options dev-feedback normal normal Future Release enhancement 07/29/2019 3
#51438 Use CSP directive upgrade-insecure-requests when using HTTPS needs-unit-tests normal normal Future Release enhancement 11/09/2021 4
#38474 wp_signups.activation_key stores activation keys in plain text SergeyBiryukov dev-feedback normal normal Future Release enhancement 06/20/2025 21
#20140 Ask old password to change user password dev-feedback normal major Future Release feature request 07/28/2024 22
#30465 Dashboard alert if a plugin/theme was removed from WordPress repo dev-feedback normal normal Future Release feature request 06/11/2025 63
#32067 Remove inline javascript from WP-Core to allow CSP protection normal normal Future Release feature request 06/18/2024 20
#52333 Lack of the &colon; entity on the list of allowed entity names in kses.php has-patch normal minor Awaiting Review defect (bug) 01/20/2021
#41391 Links to media in password protected pages normal normal Awaiting Review defect (bug) 07/24/2017 1
#37264 Please do not chmod 666 the wp-config.php file on installation. has-patch normal normal Awaiting Review defect (bug) 03/22/2019 9
#53869 Post type / Taxonomy Label Hardening: Prevent Raw HTML tags in output / Media Library eval of HTML entities in label has-patch normal normal Awaiting Review defect (bug) 08/04/2021 3
#53994 REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request normal normal Awaiting Review defect (bug) 08/24/2021
#63259 Replace zxcvbn with zxcvbn-ts normal normal Awaiting Review defect (bug) 04/11/2025 4
#56860 Sodium Compat library is improperly loaded normal normal Awaiting Review defect (bug) 11/19/2024
#60864 URL sanitizing strips valid characters instead of encoding, documented use is invalid has-patch normal normal Awaiting Review defect (bug) 04/03/2024 4
#63457 WordPress 6.8 will fail creating bcrypt when entropy sources are not available reporter-feedback normal normal Awaiting Review defect (bug) 05/18/2025 2
#62693 check if chmod is available to prevent Fatal Errors normal normal Awaiting Review defect (bug) 12/14/2024 2
#58679 meta key field in usermeta table should NOT use accent insensitive collations normal major Awaiting Review defect (bug) 10/30/2023
#57447 wp_ajax_inline_save function does not check if post has "public" or "show_ui" enabled normal normal Awaiting Review defect (bug) 01/11/2023
#31686 wp_authenticate_username_password() should check for a WP_Error object reporter-feedback normal normal Awaiting Review defect (bug) 08/06/2019 6
#56521 wp_kses wp_kses_hair fails to allow a valueless attribute when is follwed by / has-patch normal major Awaiting Review defect (bug) 09/06/2022 1
#62384 .htaccess lacks normal normal Awaiting Review enhancement 12/09/2024 1
#37757 Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+ dev-feedback normal normal Awaiting Review enhancement 04/24/2025 14
#23165 Admin validation errors on form nonce element IDs (_wpnonce) has-patch normal normal Awaiting Review enhancement 02/08/2021 17
#58636 Automatic Sanitization of Nonces in wp_verify_nonce normal normal Awaiting Review enhancement 06/26/2023
#40237 Educate users about modern password best-practices normal normal Awaiting Review enhancement 06/06/2022 9
#51611 Escape echoing Core functions normal normal Awaiting Review enhancement 10/24/2020 1
#43320 Harden API requests against man-in-the-middle attacks low minor Awaiting Review enhancement 02/18/2018 2
#62949 HttpOnly flag for the post password cookie dev-feedback normal normal Awaiting Review enhancement 02/12/2025
#51159 Let's expand our context specific escaping methods for wp_json_encode(). normal normal Awaiting Review enhancement 05/09/2024 2
#57424 Specific hook for Content Security Policy normal normal Awaiting Review enhancement 01/05/2023
#61706 Support for storing and getting encrypted options dev-feedback normal normal Awaiting Review enhancement 02/18/2025 1
#60470 Use `filter_input` instead of superglobals where possible normal normal Awaiting Review enhancement 02/09/2024 3
#63329 Use check_ajax_referer() instead of check_admin_referer() for AJAX requests in media form handling. has-patch normal normal Awaiting Review enhancement 04/22/2025 1
#36177 default htaccess should include security measures normal normal Awaiting Review enhancement 12/24/2024 23
#55514 2FA by default for WordPress normal normal Awaiting Review feature request 03/06/2023 3
#43215 Allow wp_kses to pass allowed CSS properties normal normal Awaiting Review feature request 02/21/2025 4
#53902 Automating the creation of inline javascript and inline stylesheet nonces or hashes normal normal Awaiting Review feature request 07/03/2024 4
#62202 allow plugin versions to be flagged as security updates close normal normal Awaiting Review feature request 10/10/2024 5
#43936 Settings: Warn when open registration and new user default is privileged audrasjb* dev-feedback normal normal 6.9 feature request 05/12/2025 67
#63165 Update bundled root certificates for 6.9 has-patch normal normal 6.9 task (blessed) 06/18/2025 3
#63595 Cease support for 4.1 - 4.6 johnbillion has-patch normal normal 6.8.2 task (blessed) 06/23/2025 28
#62134 Security Issue in WordPress Core normal normal defect (bug) 10/14/2024 5

Shortcodes (9 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#47863 Fix odd, unexpected output from shortcode_parse_attts SergeyBiryukov dev-feedback normal normal Future Release defect (bug) 02/24/2020 32
#43725 Multiple instances of opening / closing shortcode only works when closing tag is provided normal normal Future Release defect (bug) 07/16/2020 1
#58366 Shortcode Support Regained but Content Filters are messing with Shortcode HTML needs-unit-tests normal normal Future Release defect (bug) 05/22/2025 95
#43686 Shortcodes containing asterisks may create invalid regex breaking the editor dev-feedback normal normal Future Release defect (bug) 01/16/2019 3
#45377 Video Shortcode Ajax Issue normal minor Future Release defect (bug) 12/06/2018 5
#35022 WP allows Unicode 0x00a0 spaces in editor but shortcode parser can't handle them has-patch normal normal Future Release defect (bug) 02/06/2017 21
#6984 wpautop() formats the the contents of shortcodes normal normal Future Release defect (bug) 04/01/2019 18
#47616 Enhancement: doing_shortcode() function similar to doing_filter() audrasjb* needs-unit-tests normal normal Future Release enhancement 11/09/2021 17
#31093 Make $tag argument optional for has_shortcode() dev-feedback normal normal Future Release enhancement 10/31/2017 6
Note: See TracReports for help on using and creating reports.