#40719
|
iis7_add_rewrite_rule and iis7_delete_rewrite_rule create malformed web.config
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
02/15/2020
|
#45970
|
in IIS if web.confing <configuration has xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0" attribute the WordPress creates new <configuration> section and the site craches with wrong web.config
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/13/2019
|
#36486
|
is_apache in vars.php does not always work
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
07/31/2024
|
#19493
|
post and archive pagination don't work with custom endpoints
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/25/2018
|
#60713
|
remove 'array_merge(...)' is used in a loop and is a resources greedy construction. from generate_rewrite_rules
|
pbearne
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
04/10/2024
|
#58536
|
url_to_postid does not work at MS install in context of another blog when $wp_rewrite->use_verbose_page_rules differs
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
10/29/2023
|
#43678
|
Add indents to default .htaccess rules
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
04/02/2018
|
#34136
|
Allow register_post_type's rewrite to remove CPT slug
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/24/2022
|
#34776
|
Introduced the `$site_root` and `$home_root` parameter in `mod_rewrite_rules`
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
04/01/2018
|
#18450
|
New safe action to add rewrite rules on
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
dev-feedback
|
09/21/2018
|
#41946
|
Option to delete_with_markers
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
09/21/2017
|
#29118
|
Registering rewrite rules is hard, so let's introduce remove_rewrite_rule.
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
08/14/2024
|
#40395
|
New action: pre_generate_rewrite_rules
|
|
Rewrite Rules
|
normal
|
normal
|
Awaiting Review
|
feature request
|
has-patch
|
09/02/2019
|
#40340
|
"Attach to existing content" modal shows posts and pages of other users
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
needs-unit-tests
|
08/03/2017
|
#50252
|
Capability issue with admin menu
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
06/24/2023
|
#50260
|
Multisite - Getting actual user capabilities with get_role_caps() different with current_user_can()
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
needs-docs
|
08/04/2023
|
#19747
|
Roles add_cap should call update_user_level_from_caps()
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
05/13/2022
|
#40214
|
Some WP instances prematurelly try to do capability tests, before the user object is loaded
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/21/2017
|
#38714
|
Taxonomy meta boxes do not work right with Custom Post Types that use custom capabilities
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/25/2019
|
#49287
|
Users with no page deletion capabilities can delete homepage in multisite
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/24/2020
|
#46440
|
WP_Roles data doesn't load correctly when 'switch_to_blog' is called in a multisite.
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/08/2019
|
#45879
|
WP_User::set_role() does not remove previous roles
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/09/2019
|
#47338
|
is_super_admin() should check a different capability
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
09/23/2019
|
#42136
|
manage_links should be a custom capability not a default
|
|
Role/Capability
|
normal
|
minor
|
Awaiting Review
|
defect (bug)
|
|
10/07/2017
|
#40197
|
meta cap 'publish_post' is not being used
|
johnbillion
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
01/13/2021
|
#40950
|
wp_terms_checklist() does not pass $post_id to current_user_can()
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
03/05/2021
|
#36691
|
Ability to disable "Password Protected" post option
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
03/10/2018
|
#52350
|
Add documentation about meta capabilities
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
needs-docs
|
01/23/2021
|
#40320
|
Feature idea: Rename roles
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
dev-feedback
|
02/02/2023
|
#45709
|
Suggestion for User Roles
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
01/29/2019
|
#43421
|
The $capabilities argument in the `add_role()` function is incompatible with `user_can`
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
needs-unit-tests
|
03/20/2018
|
#23391
|
User in contributor role can add images to post only via the text editor
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
10/03/2018
|
#38276
|
"Is thing public/accessible" API
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
feature request
|
dev-feedback
|
09/23/2017
|
#5942
|
Add Owner role
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
11/06/2017
|
#41778
|
Archive page for user roles
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
09/02/2017
|
#55106
|
Split publish_posts in publish_posts and publish_others_posts
|
|
Role/Capability
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
02/08/2022
|
#37362
|
@font-face errors with dashicons in Microsoft Edge
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
12/11/2017
|
#55485
|
Clarify `wp_should_load_separate_core_block_assets()`, `block.json` script expectations
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
10/25/2023
|
#59972
|
Clarify description of wp_script_add_data()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
07/25/2024
|
#45106
|
Concerns related to moving mce_external_plugins filter to WP_Scripts::__construct
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/16/2019
|
#61233
|
Executing the Script before DOM ready.
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
05/16/2024
|
#61828
|
Global Styles: Refactor wp_add_inline_style() to use HTML API
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
08/08/2024
|
#40134
|
Invalid data for scripts in footer
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/12/2017
|
#40737
|
Script tags inside unclosed HTML comment in value passed to WP_Script->localize() breaks page
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
06/01/2017
|
#61625
|
Styles enqueued from block.json are not correctly configured for RTL
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
07/11/2024
|
#42440
|
Uncaught TypeError: $(...).wpColorPicker is not a function
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
11/06/2017
|
#55030
|
wp_enqueue_script( 'jquery-ui-autocomplete' ) - is enqueueing a bunch of extra scripts I don't need
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
02/18/2022
|
#38548
|
Add new filters on wp_script_is/wp_style_is
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
03/26/2019
|
#51200
|
Consider a better way to deprecate JavaScript code
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
08/31/2020
|
#40602
|
Implement immutable cache headers
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
04/29/2017
|
#43403
|
Improve wp_add_inline_script()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/24/2018
|
#54884
|
Load scripts conditionally to reduce page loading and processing time
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/20/2022
|
#60234
|
Script Modules API: Add a translations API
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/27/2024
|
#61500
|
Script Modules: Allow scripts to depend on modules
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/25/2024
|
#61771
|
Script Modules: add the importmap's scopes key
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
07/26/2024
|
#48880
|
Using JSON.parse instead of an actual object literal when localizing scripts
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
12/06/2019
|
#38800
|
add WP_ADMIN_URL and WP_INCLUDES_URL constants
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
09/29/2017
|
#40276
|
enhancement: add a $type parameter to wp_add_inline_script()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
11/08/2021
|
#37162
|
wp_style_add_data and wp_script_add_data should accept SRI information
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
11/14/2018
|
#40485
|
Add function for retrieving metadata from registered script
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
has-patch
|
06/07/2017
|
#47285
|
Better Management of External Asset Dependencies
|
|
Script Loader
|
normal
|
major
|
Awaiting Review
|
feature request
|
|
07/24/2024
|
#55618
|
combine/concatenate enqueued relative js/css
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
04/25/2022
|
#60090
|
Double login with cloned wordpress instance
|
|
Security
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
|
12/22/2023
|
#24907
|
Escape admin_url() when used for ajax_url in admin header
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
06/04/2019
|
#61640
|
Issues in edit_link Function: Inconsistent Return Values, Insufficient Permission Error Handling, and Data Sanitization
|
|
Security
|
normal
|
major
|
Awaiting Review
|
defect (bug)
|
has-patch
|
07/31/2024
|
#41391
|
Links to media in password protected pages
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
07/24/2017
|
#59824
|
PHP Warning raised in pluggable.php when passing NULL instead of a string
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
11/07/2023
|
#37559
|
Password protected pages require the password only once
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
06/04/2019
|
#37264
|
Please do not chmod 666 the wp-config.php file on installation.
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
03/22/2019
|
#53994
|
REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
08/24/2021
|
#53019
|
The _sanitize_text_fields function removing the octets that incorrectly work with Arabic RTL languages.
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/14/2023
|
#59355
|
TypeError: Cannot read properties of undefined (reading 'hasClass') in wp-auth-check.min.js
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
09/15/2023
|
#34852
|
fix broken re-auth loop (due to expired session)
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
06/04/2019
|
#38260
|
A FORCE_SSL_CANONICAL constant
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/04/2019
|
#38259
|
A FORCE_SSL_CONTENT constant
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/04/2019
|
#38261
|
A FORCE_SSL_SCRIPTS constant
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/04/2019
|
#37757
|
Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
09/13/2017
|
#23165
|
Admin validation errors on form nonce element IDs (_wpnonce)
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
02/08/2021
|
#58636
|
Automatic Sanitization of Nonces in wp_verify_nonce
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/26/2023
|
#39656
|
Create a submenu item under About admin bar for security
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
01/23/2017
|
#40237
|
Educate users about modern password best-practices
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/06/2022
|
#62005
|
Enhance wp_hash function to support custom hashing algorithms
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
09/13/2024
|
#43320
|
Harden API requests against man-in-the-middle attacks
|
|
Security
|
low
|
minor
|
Awaiting Review
|
enhancement
|
|
02/18/2018
|
#51159
|
Let's expand our context specific escaping methods for wp_json_encode().
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
05/09/2024
|
#54512
|
Suggestion for file protection
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
11/25/2021
|
#38262
|
Task: Opt in SSL Improvements
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/05/2020
|
#36177
|
default htaccess should include security measures
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
04/12/2024
|
#43215
|
Allow wp_kses to pass allowed CSS properties
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
07/12/2024
|
#53902
|
Automating the creation of inline javascript and inline stylesheet nonces or hashes
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
07/03/2024
|
#61322
|
HTTPOnly attribute for WP Test Cookies
|
|
Security
|
normal
|
major
|
Awaiting Review
|
feature request
|
has-patch
|
08/29/2024
|
#38536
|
Hook/Function to Set Content-Security-Policy
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
06/04/2019
|
#60887
|
After upgrade to WordPress 6.4.3, do_shortcode no longer works in page templates
|
|
Shortcodes
|
normal
|
critical
|
Awaiting Review
|
defect (bug)
|
|
04/02/2024
|
#35216
|
Return empty string from wp.shortcode.replace() callback is ignored
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
06/27/2018
|
#38713
|
Shortcodes and utf-8 no-break whitespace (\xc2\xa0)
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/25/2019
|
#42718
|
Video shortcode needs muted attribute for Autoplay to work with Safari 11.0.1+
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
07/10/2020
|
#43456
|
`wp_html_split` <script>
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/02/2018
|
#43457
|
`wp_html_split` valid HTML attributes issues
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
05/28/2024
|
#40958
|
force_balance_tags breaks Ninjaforms and probably other plugins that output html within js.
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
08/30/2024
|
#54289
|
Improve get_shortcode_regex performance
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
10/19/2021
|
#41086
|
Conditional loading of CSS files from (for example) shortcodes
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
06/16/2017
|