Make WordPress Core

{1} All Tickets (8432 matches)

Create a new ticket
  • All active tickets
  • Sort by component, type, summary
  • Accepted tickets have an '*' appended to their owner's name

Results (6801 - 6900 of 8432)

Security (41 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#53869 Post type / Taxonomy Label Hardening: Prevent Raw HTML tags in output / Media Library eval of HTML entities in label has-patch normal normal Awaiting Review defect (bug) 08/04/2021 3
#53994 REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request normal normal Awaiting Review defect (bug) 08/24/2021
#56860 Sodium Compat library is improperly loaded normal normal Awaiting Review defect (bug) 11/19/2024
#60864 URL sanitizing strips valid characters instead of encoding, documented use is invalid has-patch normal normal Awaiting Review defect (bug) 04/03/2024 4
#58679 meta key field in usermeta table should NOT use accent insensitive collations normal major Awaiting Review defect (bug) 10/30/2023
#57447 wp_ajax_inline_save function does not check if post has "public" or "show_ui" enabled normal normal Awaiting Review defect (bug) 01/11/2023
#31686 wp_authenticate_username_password() should check for a WP_Error object reporter-feedback normal normal Awaiting Review defect (bug) 08/06/2019 6
#56521 wp_kses wp_kses_hair fails to allow a valueless attribute when is follwed by / has-patch normal major Awaiting Review defect (bug) 09/06/2022 1
#62384 .htaccess lacks normal normal Awaiting Review enhancement 12/02/2024 1
#37757 Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+ has-patch normal normal Awaiting Review enhancement 09/13/2017 7
#23165 Admin validation errors on form nonce element IDs (_wpnonce) has-patch normal normal Awaiting Review enhancement 02/08/2021 17
#58636 Automatic Sanitization of Nonces in wp_verify_nonce normal normal Awaiting Review enhancement 06/26/2023
#40237 Educate users about modern password best-practices normal normal Awaiting Review enhancement 06/06/2022 9
#62005 Enhance wp_hash function to support custom hashing algorithms has-patch normal normal Awaiting Review enhancement 11/19/2024 5
#51611 Escape echoing Core functions normal normal Awaiting Review enhancement 10/24/2020 1
#43320 Harden API requests against man-in-the-middle attacks low minor Awaiting Review enhancement 02/18/2018 2
#50510 Improve security of wp_nonce implementation reporter-feedback normal normal Awaiting Review enhancement 11/19/2024 6
#51159 Let's expand our context specific escaping methods for wp_json_encode(). normal normal Awaiting Review enhancement 05/09/2024 2
#62055 Put index.php into Public folder on the root directory reporter-feedback normal normal Awaiting Review enhancement 11/19/2024 1
#57424 Specific hook for Content Security Policy normal normal Awaiting Review enhancement 01/05/2023
#61706 Support for storing and getting encrypted options normal normal Awaiting Review enhancement 07/19/2024
#60470 Use `filter_input` instead of superglobals where possible normal normal Awaiting Review enhancement 02/09/2024 3
#36177 default htaccess should include security measures normal normal Awaiting Review enhancement 04/12/2024 19
#55514 2FA by default for WordPress normal normal Awaiting Review feature request 03/06/2023 3
#43215 Allow wp_kses to pass allowed CSS properties normal normal Awaiting Review feature request 11/18/2024
#53902 Automating the creation of inline javascript and inline stylesheet nonces or hashes normal normal Awaiting Review feature request 07/03/2024 4
#62202 allow plugin versions to be flagged as security updates close normal normal Awaiting Review feature request 10/10/2024 5
#50828 Update ca-bundle.crt and remove expired certificates SergeyBiryukov has-patch normal normal Future Release defect (bug) 11/10/2021 25
#48955 WP 5.3.1 changes cause potential backwards compatibility breakage with kses normal normal Future Release defect (bug) 08/12/2020 28
#53973 WordPress <= 5.8 - Authenticated Persistent XSS (User role name) has-patch normal normal Future Release defect (bug) 06/15/2024 12
#56141 Enhance installer security dev-feedback high major Future Release enhancement 12/31/2023 14
#28521 FORCE_SSL constant for really forcing SSL adamsilverstein normal normal Future Release enhancement 11/19/2024 26
#44058 Include security sniffs in PHPCS ruleset normal normal Future Release enhancement 05/16/2018 3
#36087 Migration plan from insecure RNG fallback normal normal Future Release enhancement 09/30/2020 3
#51407 Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility adamsilverstein dev-feedback normal normal Future Release enhancement 12/26/2023 15
#37000 Support for the SameSite cookie attribute dev-feedback normal normal Future Release enhancement 06/06/2024 45
#29429 Support frame-ancestors directive over X-Frame-Options dev-feedback normal normal Future Release enhancement 07/29/2019 3
#51438 Use CSP directive upgrade-insecure-requests when using HTTPS needs-unit-tests normal normal Future Release enhancement 11/09/2021 4
#38474 wp_signups.activation_key stores activation keys in plain text SergeyBiryukov has-patch normal normal Future Release enhancement 04/23/2024 16
#20140 Ask old password to change user password dev-feedback normal major Future Release feature request 07/28/2024 22
#32067 Remove inline javascript from WP-Core to allow CSP protection normal normal Future Release feature request 06/18/2024 20

Shortcodes (55 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#33134 Complex Nested Shortcodes Inside of Attributes Are Not Processed Left-to-Right normal normal defect (bug) 06/04/2019 7
#24990 Nested Shortcode Inside [caption] needs-unit-tests normal normal defect (bug) 05/08/2021 26
#37183 Nested shortcodes in new-style [caption] dev-feedback normal normal defect (bug) 05/08/2021 3
#34814 Presence of "Less than sign" < adds additional closing shortcode tag. normal normal defect (bug) 06/04/2019 1
#37238 Right-aligned captions with embedded iframes get removed in Visual mode normal normal defect (bug) 04/19/2019 1
#35591 Shortcode Attributes Parsing Issue reporter-feedback normal normal defect (bug) 06/04/2019 13
#35545 Unexpected behavior of wp.shortcode.regexp normal normal defect (bug) 06/04/2019
#25820 [embed] shortcode can't be escaped like others normal minor defect (bug) 06/04/2019 9
#26649 escaped shortcodes should not be expanded during 'get_the_excerpt' needs-unit-tests normal normal defect (bug) 06/04/2019 5
#33213 has_shortcode spec in 4.3 normal normal defect (bug) 06/04/2019 3
#34983 shortcodes not working in input fields normal normal defect (bug) 06/04/2019 3
#29661 Should Shortcode Attributes Allow HTML Special Characters? normal normal enhancement 06/04/2019 4
#36958 extending has_shortcode to allow searching in custom fields normal normal enhancement 06/04/2019 1
#35179 playlist shortcode needs an option to not loop normal normal enhancement 06/04/2019
#25644 strip_shortcodes always removes text between shortcode tags, should be optional dev-feedback normal normal enhancement 06/04/2019 5
#33593 Make shortcodes case insensitive dev-feedback normal normal feature request 06/04/2019 2
#58174 A shortcode block that evaluates to nothing, renders as a space in the HTML normal normal Awaiting Review defect (bug) 10/26/2023 3
#60887 After upgrade to WordPress 6.4.3, do_shortcode no longer works in page templates normal critical Awaiting Review defect (bug) 04/02/2024
#58469 Changeset 55832 broke shortcodes saved in block attributes and rendered serverside normal normal Awaiting Review defect (bug) 06/07/2023 1
#49877 Content enclosed by (content enclosing) shortcode gets stripped from excerpt dev-feedback normal normal Awaiting Review defect (bug) 07/24/2020 5
#51377 Front End elements break after too many shortcodes reporter-feedback normal normal Awaiting Review defect (bug) 09/24/2020 2
#57790 Parsing of Shortcode Attributes: bug locating a final attribute dev-feedback normal normal Awaiting Review defect (bug) 02/28/2023 1
#35216 Return empty string from wp.shortcode.replace() callback is ignored has-patch normal normal Awaiting Review defect (bug) 06/27/2018 6
#61007 Shortcode aren't paste inline in paragraphs normal major Awaiting Review defect (bug) 08/24/2024 7
#59509 Shortcode attributes named 0 are ignored needs-unit-tests normal normal Awaiting Review defect (bug) 10/25/2024 4
#49955 Shortcode escaping not correctly handled when followed by enclosing shortcodes normal normal Awaiting Review defect (bug) 07/16/2020 2
#58386 Shortcode generated by a block element is not executed in templates normal normal Awaiting Review defect (bug) 06/09/2023 4
#38713 Shortcodes and utf-8 no-break whitespace (\xc2\xa0) normal normal Awaiting Review defect (bug) 03/25/2019 1
#55406 Shortcodes don't work inside srcset attribute normal normal Awaiting Review defect (bug) 04/08/2022
#58397 Shortcodes in patterns are not rendered in templates normal normal Awaiting Review defect (bug) 05/24/2023
#52567 Shortcodes in separate <p> tags appear on same line in browser normal normal Awaiting Review defect (bug) 05/25/2023 1
#42718 Video shortcode needs muted attribute for Autoplay to work with Safari 11.0.1+ has-patch normal normal Awaiting Review defect (bug) 07/10/2020 8
#43456 `wp_html_split` <script> normal normal Awaiting Review defect (bug) 03/02/2018
#43457 `wp_html_split` valid HTML attributes issues has-patch normal normal Awaiting Review defect (bug) 05/28/2024 5
#44571 force_balance_tags breaks JavaScript normal normal Awaiting Review defect (bug) 09/22/2024 2
#40958 force_balance_tags breaks Ninjaforms and probably other plugins that output html within js. normal normal Awaiting Review defect (bug) 12/05/2024 5
#60948 shortcodes that return with no value / text will break if shortcode is being used as an attribute value normal normal Awaiting Review defect (bug) 08/13/2024 3
#57267 wp_enqueue_style is not working under shortcode reporter-feedback normal normal Awaiting Review defect (bug) 12/15/2022 1
#54289 Improve get_shortcode_regex performance has-patch normal normal Awaiting Review enhancement 10/19/2021 1
#46412 Make shortcode attributes case-insensitive? shortcode_parse_atts normal normal Awaiting Review enhancement 03/04/2019 1
#60200 Search functionality does not search shortcodes normal normal Awaiting Review enhancement 01/06/2024
#62454 [ wp-includes/shortcodes.php - do_shortcode() ] - fallback in case content is not a string dev-feedback normal trivial Awaiting Review enhancement 11/19/2024 4
#41086 Conditional loading of CSS files from (for example) shortcodes normal normal Awaiting Review feature request 06/16/2017 1
#47984 Filter pre_do_shortcode has-patch normal normal Awaiting Review feature request 09/05/2019
#47863 Fix odd, unexpected output from shortcode_parse_attts SergeyBiryukov dev-feedback normal normal Future Release defect (bug) 02/24/2020 32
#43725 Multiple instances of opening / closing shortcode only works when closing tag is provided normal normal Future Release defect (bug) 07/16/2020 1
#58366 Shortcode Support Regained but Content Filters are messing with Shortcode HTML needs-unit-tests normal normal Future Release defect (bug) 10/27/2024 91
#43686 Shortcodes containing asterisks may create invalid regex breaking the editor dev-feedback normal normal Future Release defect (bug) 01/16/2019 3
#45377 Video Shortcode Ajax Issue normal minor Future Release defect (bug) 12/06/2018 5
#35022 WP allows Unicode 0x00a0 spaces in editor but shortcode parser can't handle them has-patch normal normal Future Release defect (bug) 02/06/2017 21
#6984 wpautop() formats the the contents of shortcodes normal normal Future Release defect (bug) 04/01/2019 18
#47616 Enhancement: doing_shortcode() function similar to doing_filter() audrasjb* needs-unit-tests normal normal Future Release enhancement 11/09/2021 17
#31093 Make $tag argument optional for has_shortcode() dev-feedback normal normal Future Release enhancement 10/31/2017 6
#50683 Parse content for shortcodes instead of using regex johnbillion has-patch normal normal Future Release enhancement 06/17/2024 39
#25435 Introduce alternative to do_shortcode( '[shortcode]' ) rmccue has-patch normal normal Future Release feature request 09/27/2017 31

Site Health (4 matches)

Ticket Summary Owner Workflow Priority Severity Milestone Type Modified Comments
#61623 Site Health PHP check shows inaccurate status pbearne has-patch normal normal 6.8 defect (bug) 10/21/2024 26
#62252 wp_is_https_supported uses deprecated function flixos90 has-patch normal trivial 6.8 defect (bug) 11/12/2024 8
#58518 "More info about performance optimization" links in Site Health go to 404 error on WordPress.org normal normal Awaiting Review defect (bug) 06/13/2023 10
#49923 Change "Critical Issue" to "Recommendation" close normal critical Awaiting Review defect (bug) 12/08/2021 10
Note: See TracReports for help on using and creating reports.