Make WordPress Core

Context Navigation

{1} All Tickets (8169 matches)

Create a new ticket

All active tickets
Sort by component, type, summary
Accepted tickets have an '*' appended to their owner's name

Results (6601 - 6700 of 8169)

← 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 →

Security (57 matches)

Ticket	Summary	Owner	Workflow	Priority	Severity	Milestone	Type	Modified	Comments
#55950	FIDO passwordless authentication?			normal	minor	Awaiting Review	feature request	06/08/2022	1
#28521	FORCE_SSL constant for really forcing SSL	adamsilverstein		normal	normal	Future Release	enhancement	06/08/2023	22
#58769	HTTP/3 Early-Data/0-RTT replay attack			normal	major	Awaiting Review	defect (bug)	07/10/2023	1
#43320	Harden API requests against man-in-the-middle attacks			low	minor	Awaiting Review	enhancement	02/18/2018	2
#38536	Hook/Function to Set Content-Security-Policy			normal	normal	Awaiting Review	feature request	06/04/2019	2
#50510	Improve security of wp_nonce implementation		dev-feedback	normal	normal	Awaiting Review	enhancement	07/11/2023	5
#44058	Include security sniffs in PHPCS ruleset			normal	normal	Future Release	enhancement	05/16/2018	3
#52333	Lack of the &colon; entity on the list of allowed entity names in kses.php		has-patch	normal	minor	Awaiting Review	defect (bug)	01/20/2021
#51159	Let's expand our context specific escaping methods for wp_json_encode().			normal	normal	Awaiting Review	enhancement	08/27/2020	1
#41391	Links to media in password protected pages			normal	normal	Awaiting Review	defect (bug)	07/24/2017	1
#36087	Migration plan from insecure RNG fallback			normal	normal	Future Release	enhancement	09/30/2020	3
#53618	Nonce use for AJAX calls interferes with page caching			normal	normal	Awaiting Review	defect (bug)	07/07/2021	1
#37559	Password protected pages require the password only once			normal	normal	Awaiting Review	defect (bug)	06/04/2019	2
#37264	Please do not chmod 666 the wp-config.php file on installation.		has-patch	normal	normal	Awaiting Review	defect (bug)	03/22/2019	9
#53869	Post type / Taxonomy Label Hardening: Prevent Raw HTML tags in output / Media Library eval of HTML entities in label		has-patch	normal	normal	Awaiting Review	defect (bug)	08/04/2021	3
#55228	Provide Option to Remove Password Visibility Button and Dashicons from WordPress' Login Form		close	normal	normal	Awaiting Review	feature request	02/25/2022	2
#53994	REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request			normal	normal	Awaiting Review	defect (bug)	08/24/2021
#51407	Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility	adamsilverstein	dev-feedback	normal	normal	Future Release	enhancement	05/16/2023	14
#32067	Remove inline javascript from WP-Core to allow CSP protection			normal	normal	Future Release	feature request	09/28/2020	19
#52544	Removing database tables allows anyone to take over all website files			normal	major	Awaiting Review	enhancement	07/05/2022	15
#50027	Retire Phpass and use PHP native password hashing		needs-unit-tests	normal	normal	Awaiting Review	defect (bug)	05/08/2023	17
#43936	Settings: Warn when open registration and new user default is privileged	SergeyBiryukov	has-patch	normal	major	Future Release	feature request	03/30/2023	27
#56860	Sodium Compat library is improperly loaded			normal	normal	Awaiting Review	defect (bug)	10/20/2022
#58771	Someone logged onto my WordPress Admin Site, changed the password, and created a User Registration			normal	normal	Awaiting Review	defect (bug)	07/10/2023
#57424	Specific hook for Content Security Policy			normal	normal	Awaiting Review	enhancement	01/05/2023
#54512	Suggestion for file protection			normal	normal	Awaiting Review	enhancement	11/25/2021
#37000	Support for the SameSite cookie attribute		dev-feedback	normal	normal	Future Release	enhancement	11/11/2022	42
#29429	Support frame-ancestors directive over X-Frame-Options		dev-feedback	normal	normal	Future Release	enhancement	07/29/2019	3
#38262	Task: Opt in SSL Improvements			normal	normal	Awaiting Review	enhancement	02/05/2020	3
#53019	The _sanitize_text_fields function removing the octets that incorrectly work with Arabic RTL languages.			normal	normal	Awaiting Review	defect (bug)	03/14/2023	3
#34041	Tying nonces to sessions breaks when users are switched			normal	major	Future Release	defect (bug)	06/04/2019	5
#59355	TypeError: Cannot read properties of undefined (reading 'hasClass') in wp-auth-check.min.js			normal	normal	Awaiting Review	defect (bug)	09/15/2023	1
#50828	Update ca-bundle.crt and remove expired certificates	SergeyBiryukov	has-patch	normal	normal	Future Release	defect (bug)	11/10/2021	25
#51438	Use CSP directive upgrade-insecure-requests when using HTTPS		needs-unit-tests	normal	normal	Future Release	enhancement	11/09/2021	4
#52388	Use HTTPS URL already during installation if supported		needs-unit-tests	normal	normal	Future Release	enhancement	01/28/2021
#21022	Use bcrypt for password hashing; updating old hashes		dev-feedback	normal	major	Future Release	enhancement	05/08/2023	128
#55067	Use of undefined constant ABSPATH - assumed 'ABSPATH' as of WP5.9		dev-feedback	normal	normal	Awaiting Review	enhancement	06/12/2023	12
#57882	User that has capability to create user can make only administrator.		reporter-feedback	normal	normal	Awaiting Review	defect (bug)	03/07/2023	1
#16483	Visibility: password-protected exposes multiple pages		dev-feedback	normal	normal	Future Release	defect (bug)	01/30/2022	33
#48955	WP 5.3.1 changes cause potential backwards compatibility breakage with kses			normal	normal	Future Release	defect (bug)	08/12/2020	28
#53973	WordPress <= 5.8 - Authenticated Persistent XSS (User role name)		dev-feedback	normal	normal	Awaiting Review	defect (bug)	12/23/2022	8
#58916	Wrong User Password Reset			normal	normal	Awaiting Review	defect (bug)	07/29/2023	3
#47440	add_header X-Frame-Options		close	normal	normal	Awaiting Review	enhancement	05/31/2019	1
#36177	default htaccess should include security measures			normal	normal	Awaiting Review	enhancement	11/09/2021	18
#50613	disable update for themes e plugin			normal	normal	Awaiting Review	feature request	07/09/2020	1
#34852	fix broken re-auth loop (due to expired session)			normal	normal	Awaiting Review	defect (bug)	06/04/2019	1
#55605	kses "selected" for option		has-patch	normal	normal	Awaiting Review	defect (bug)	06/15/2022	2
#57613	my client made changes to site without being a user		close	normal	normal	Awaiting Review	defect (bug)	02/02/2023	1
#56391	safecss_filter_attr(): support rgba background-color		has-patch	normal	normal	Awaiting Review	defect (bug)	11/30/2022	5
#58765	the_block_template_skip_link() - XSS vulnerability - Apply FIX		has-patch	normal	normal	Awaiting Review	enhancement	07/08/2023	2
#56335	use hash_equals to check password hash		close	normal	trivial	Awaiting Review	enhancement	10/12/2022	3
#57447	wp_ajax_inline_save function does not check if post has "public" or "show_ui" enabled			normal	normal	Awaiting Review	defect (bug)	01/11/2023
#31686	wp_authenticate_username_password() should check for a WP_Error object		reporter-feedback	normal	normal	Awaiting Review	defect (bug)	08/06/2019	6
#56521	wp_kses wp_kses_hair fails to allow a valueless attribute when is follwed by /		has-patch	normal	major	Awaiting Review	defect (bug)	09/06/2022	1
#38474	wp_signups.activation_key stores activation keys in plain text	SergeyBiryukov	has-patch	normal	normal	Future Release	enhancement	01/08/2019	15
#37670	wp_validate_redirect fails when running WordPress on a port		reporter-feedback	normal	normal	Awaiting Review	defect (bug)	06/04/2019	2
#54280	wp_verify_nonce should return a filter			normal	normal	Awaiting Review	enhancement	10/17/2021
Shortcodes (43 matches)
Ticket	Summary	Owner	Workflow	Priority	Severity	Milestone	Type	Modified	Comments
#58469	Changeset 55832 broke shortcodes saved in block attributes and rendered serverside			normal	normal	Awaiting Review	defect (bug)	06/07/2023	1
#33134	Complex Nested Shortcodes Inside of Attributes Are Not Processed Left-to-Right			normal	normal		defect (bug)	06/04/2019	7
#41086	Conditional loading of CSS files from (for example) shortcodes			normal	normal	Awaiting Review	feature request	06/16/2017	1
#49877	Content enclosed by (content enclosing) shortcode gets stripped from excerpt		dev-feedback	normal	normal	Awaiting Review	defect (bug)	07/24/2020	5
#47616	Enhancement: doing_shortcode() function similar to doing_filter()	audrasjb*	needs-unit-tests	normal	normal	Future Release	enhancement	11/09/2021	17
#47984	Filter pre_do_shortcode		has-patch	normal	normal	Awaiting Review	feature request	09/05/2019
#47863	Fix odd, unexpected output from shortcode_parse_attts	SergeyBiryukov	dev-feedback	normal	normal	Future Release	defect (bug)	02/24/2020	32
#51377	Front End elements break after too many shortcodes		reporter-feedback	normal	normal	Awaiting Review	defect (bug)	09/24/2020	2
#54289	Improve get_shortcode_regex performance		has-patch	normal	normal	Awaiting Review	enhancement	10/19/2021	1
#25435	Introduce alternative to do_shortcode( '[shortcode]' )	rmccue	has-patch	normal	normal	Future Release	feature request	09/27/2017	31
#29683	Live Preview shortcodes			normal	normal		enhancement	02/26/2021	5
#31093	Make $tag argument optional for has_shortcode()		dev-feedback	normal	normal	Future Release	enhancement	10/31/2017	6
#46412	Make shortcode attributes case-insensitive? shortcode_parse_atts			normal	normal	Awaiting Review	enhancement	03/04/2019	1
#33593	Make shortcodes case insensitive		dev-feedback	normal	normal		feature request	06/04/2019	2
#43725	Multiple instances of opening / closing shortcode only works when closing tag is provided			normal	normal	Future Release	defect (bug)	07/16/2020	1
#24990	Nested Shortcode Inside [caption]		needs-unit-tests	normal	normal		defect (bug)	05/08/2021	26
#37183	Nested shortcodes in new-style [caption]		dev-feedback	normal	normal		defect (bug)	05/08/2021	3
#50683	Parse content for shortcodes instead of using regex	johnbillion	has-patch	normal	normal	Future Release	enhancement	10/07/2021	37
#57790	Parsing of Shortcode Attributes: bug locating a final attribute		dev-feedback	normal	normal	Awaiting Review	defect (bug)	02/28/2023	1
#45929	Potential assignment to empty string	joedolson*	has-patch	normal	normal	6.4	defect (bug)	09/28/2023	5
#34814	Presence of "Less than sign" < adds additional closing shortcode tag.			normal	normal		defect (bug)	06/04/2019	1
#35216	Return empty string from wp.shortcode.replace() callback is ignored		has-patch	normal	normal	Awaiting Review	defect (bug)	06/27/2018	6
#37238	Right-aligned captions with embedded iframes get removed in Visual mode			normal	normal		defect (bug)	04/19/2019	1
#35591	Shortcode Attributes Parsing Issue		reporter-feedback	normal	normal		defect (bug)	06/04/2019	13
#58366	Shortcode Support Regained but Content Filters are messing with Shortcode HTML		needs-unit-tests	normal	normal	6.4	defect (bug)	09/08/2023	56
#59509	Shortcode attributes named 0 are ignored			normal	normal	Awaiting Review	defect (bug)	09/30/2023
#49955	Shortcode escaping not correctly handled when followed by enclosing shortcodes			normal	normal	Awaiting Review	defect (bug)	07/16/2020	2
#58386	Shortcode generated by a block element is not executed in templates			normal	normal	Awaiting Review	defect (bug)	06/09/2023	4
#38713	Shortcodes and utf-8 no-break whitespace (\xc2\xa0)			normal	normal	Awaiting Review	defect (bug)	03/25/2019	1
#43686	Shortcodes containing asterisks may create invalid regex breaking the editor		dev-feedback	normal	normal	Future Release	defect (bug)	01/16/2019	3
#55406	Shortcodes don't work inside srcset attribute			normal	normal	Awaiting Review	defect (bug)	04/08/2022
#58397	Shortcodes in patterns are not rendered in templates			normal	normal	Awaiting Review	defect (bug)	05/24/2023
#52567	Shortcodes in separate <p> tags appear on same line in browser			normal	normal	Awaiting Review	defect (bug)	05/25/2023	1
#29661	Should Shortcode Attributes Allow HTML Special Characters?			normal	normal		enhancement	06/04/2019	4
#35545	Unexpected behavior of wp.shortcode.regexp			normal	normal		defect (bug)	06/04/2019
#45377	Video Shortcode Ajax Issue			normal	minor	Future Release	defect (bug)	12/06/2018	5
#42718	Video shortcode needs muted attribute for Autoplay to work with Safari 11.0.1+		has-patch	normal	normal	Awaiting Review	defect (bug)	07/10/2020	8
#35022	WP allows Unicode 0x00a0 spaces in editor but shortcode parser can't handle them		has-patch	normal	normal	Future Release	defect (bug)	02/06/2017	21
#25820	[embed] shortcode can't be escaped like others			normal	minor		defect (bug)	06/04/2019	9
#43456	`wp_html_split` <script>			normal	normal	Awaiting Review	defect (bug)	03/02/2018
#43457	`wp_html_split` valid HTML attributes issues			normal	normal	Awaiting Review	defect (bug)	03/02/2018
#26649	escaped shortcodes should not be expanded during 'get_the_excerpt'		needs-unit-tests	normal	normal		defect (bug)	06/04/2019	5
#36958	extending has_shortcode to allow searching in custom fields			normal	normal		enhancement	06/04/2019	1

← 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 →

Note: See TracReports for help on using and creating reports.

Trac UI Preferences

Download in other formats: