3
|
#54956
|
[5.9] wp_block_type args - "style" and "script" are always loaded on Frontend
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
needs-unit-tests
|
07/19/2022
|
|
#55695
|
error on script_loader.php
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
reporter-feedback
|
05/07/2022
|
2
|
#39991
|
jQuery UI Datepicker Localization Error with PHP date 'S'
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
defect (bug)
|
has-patch
|
10/25/2018
|
|
#54777
|
passing empty object to wp_localize_script will convert it to empty array instead of empty object
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/10/2022
|
|
#47322
|
scenario based-bug in the file load-style.php
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
05/20/2019
|
1
|
#62265
|
wp-admin honors style-sheet <=> 'SCRIPT_DEBUG' is true.
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
10/21/2024
|
2
|
#53741
|
wp-admin/css/common.min.css is loading on the front-end
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
defect (bug)
|
needs-docs
|
11/02/2021
|
|
#41990
|
wp_add_inline_script() does not print if the handler has already processed
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
defect (bug)
|
dev-feedback
|
04/12/2023
|
1
|
#55030
|
wp_enqueue_script( 'jquery-ui-autocomplete' ) - is enqueueing a bunch of extra scripts I don't need
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
02/18/2022
|
|
#61356
|
Add $is_module as an extra strategy argument when enqueueing js script.
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
dev-feedback
|
06/03/2024
|
|
#51325
|
Add a filter for script/style tags injected by wp_add_inline_{script|style}
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
needs-refresh
|
06/06/2023
|
58
|
#22249
|
Add ability to set or remove attributes on enqueued scripts and styles.
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
has-patch
|
06/02/2022
|
3
|
#47350
|
Add method to get JSON from a file without using file_get_contents()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
05/22/2019
|
3
|
#38548
|
Add new filters on wp_script_is/wp_style_is
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
03/26/2019
|
|
#52465
|
Allow a relation type in resource hints to be used multiple times
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
has-patch
|
11/10/2021
|
|
#60163
|
Block editor admin assets should use asset file version when in debug/local mode
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
12/28/2023
|
4
|
#51200
|
Consider a better way to deprecate JavaScript code
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
08/31/2020
|
|
#59132
|
Create two filters in wp_scripts() and wp_styles().
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
reporter-feedback
|
11/27/2023
|
4
|
#58302
|
Deprecate and disable the unused compression_test() and wp_ajax_wp_compression_test()
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
changes-requested
|
01/29/2024
|
|
#60734
|
Deregistering Open Sans
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
03/09/2024
|
1
|
#40602
|
Implement immutable cache headers
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
04/29/2017
|
|
#43403
|
Improve wp_add_inline_script()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/24/2018
|
1
|
#54884
|
Load scripts conditionally to reduce page loading and processing time
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/20/2022
|
|
#52497
|
New filter "wp_script_attributes" doesn't take effort in enqueued scripts
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/11/2021
|
|
#59076
|
Proposal for removing the version numbers of the JS and CSS files when SCRIPT_DEBUG is set to true
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
08/11/2023
|
2
|
#51317
|
Remove deprecated JavaScript i18n globals
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
early
|
05/25/2021
|
3
|
#60234
|
Script Modules API: Add a translations API
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/27/2024
|
4
|
#61500
|
Script Modules: Allow scripts to depend on modules
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
12/19/2024
|
1
|
#61771
|
Script Modules: add the importmap's scopes key
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
09/27/2024
|
13
|
#57548
|
Stop concatenating scripts and stylesheets in wp-admin and retire load-scripts.php and load-styles.php
|
|
Script Loader
|
normal
|
normal
|
Future Release
|
enhancement
|
|
04/29/2024
|
2
|
#43825
|
Style/script loading infrastructure: Etag header as a hash of script/style handles and their corresponding versions
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
01/16/2019
|
|
#48880
|
Using JSON.parse instead of an actual object literal when localizing scripts
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
12/06/2019
|
|
#38800
|
add WP_ADMIN_URL and WP_INCLUDES_URL constants
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
09/29/2017
|
1
|
#43781
|
adding apply_filters on $handle in localize
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
04/16/2018
|
|
#38054
|
class.wp-scripts.php - add_action when init is already doing
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
reporter-feedback
|
04/09/2019
|
|
#40276
|
enhancement: add a $type parameter to wp_add_inline_script()
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
11/08/2021
|
|
#56425
|
wp_localize_script assign to const and freeze instead of var to avoid reassignments
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
dev-feedback
|
11/08/2022
|
5
|
#37162
|
wp_style_add_data and wp_script_add_data should accept SRI information
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
11/14/2018
|
|
#44211
|
Add cookie domain to `userSettings` script localize
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
has-patch
|
10/12/2020
|
|
#40485
|
Add function for retrieving metadata from registered script
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
has-patch
|
06/07/2017
|
|
#58873
|
Add function to pass variables to scripts
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
07/22/2023
|
10
|
#51124
|
Can we get an additional parameter in wp_add_inline_script to set the script type?
|
audrasjb*
|
Script Loader
|
normal
|
normal
|
Future Release
|
feature request
|
needs-unit-tests
|
11/08/2021
|
1
|
#56993
|
I want to put a filter in the wp_enqueue_block_support_styles function.
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
10/25/2023
|
1
|
#55618
|
combine/concatenate enqueued relative js/css
|
|
Script Loader
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
04/25/2022
|
1
|
#41391
|
Links to media in password protected pages
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
07/24/2017
|
|
#59824
|
PHP Warning raised in pluggable.php when passing NULL instead of a string
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
11/07/2023
|
3
|
#37264
|
Please do not chmod 666 the wp-config.php file on installation.
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
03/22/2019
|
2
|
#53869
|
Post type / Taxonomy Label Hardening: Prevent Raw HTML tags in output / Media Library eval of HTML entities in label
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
08/04/2021
|
2
|
#53994
|
REST API requests with session cookies but an invalid/missing nonce are considered authenticated for most of the request
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
08/24/2021
|
5
|
#56860
|
Sodium Compat library is improperly loaded
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
11/19/2024
|
|
#60864
|
URL sanitizing strips valid characters instead of encoding, documented use is invalid
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
04/03/2024
|
11
|
#48955
|
WP 5.3.1 changes cause potential backwards compatibility breakage with kses
|
|
Security
|
normal
|
normal
|
Future Release
|
defect (bug)
|
|
08/12/2020
|
6
|
#53973
|
WordPress <= 5.8 - Authenticated Persistent XSS (User role name)
|
|
Security
|
normal
|
normal
|
Future Release
|
defect (bug)
|
has-patch
|
06/15/2024
|
|
#62693
|
check if chmod is available to prevent Fatal Errors
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
12/14/2024
|
|
#57447
|
wp_ajax_inline_save function does not check if post has "public" or "show_ui" enabled
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
01/11/2023
|
|
#31686
|
wp_authenticate_username_password() should check for a WP_Error object
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
reporter-feedback
|
08/06/2019
|
|
#62384
|
.htaccess lacks
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
12/09/2024
|
6
|
#37757
|
Add `allowed_classes` to `maybe_unserialize` When WordPress is running on PHP 7+
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
09/13/2017
|
14
|
#23165
|
Admin validation errors on form nonce element IDs (_wpnonce)
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
has-patch
|
02/08/2021
|
2
|
#58636
|
Automatic Sanitization of Nonces in wp_verify_nonce
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/26/2023
|
5
|
#40237
|
Educate users about modern password best-practices
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
06/06/2022
|
|
#51611
|
Escape echoing Core functions
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
10/24/2020
|
39
|
#28521
|
FORCE_SSL constant for really forcing SSL
|
adamsilverstein
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
|
11/19/2024
|
3
|
#50510
|
Improve security of wp_nonce implementation
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
reporter-feedback
|
11/19/2024
|
3
|
#44058
|
Include security sniffs in PHPCS ruleset
|
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
|
05/16/2018
|
6
|
#51159
|
Let's expand our context specific escaping methods for wp_json_encode().
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
05/09/2024
|
2
|
#36087
|
Migration plan from insecure RNG fallback
|
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
|
09/30/2020
|
1
|
#62055
|
Put index.php into Public folder on the root directory
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
reporter-feedback
|
11/19/2024
|
13
|
#51407
|
Remove inline event handlers and JavaScript URIs for Strict CSP-compatibility
|
adamsilverstein
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
dev-feedback
|
12/26/2023
|
6
|
#57424
|
Specific hook for Content Security Policy
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
01/05/2023
|
2
|
#61706
|
Support for storing and getting encrypted options
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
07/19/2024
|
33
|
#37000
|
Support for the SameSite cookie attribute
|
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
dev-feedback
|
06/06/2024
|
3
|
#29429
|
Support frame-ancestors directive over X-Frame-Options
|
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
dev-feedback
|
07/29/2019
|
3
|
#51438
|
Use CSP directive upgrade-insecure-requests when using HTTPS
|
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
needs-unit-tests
|
11/09/2021
|
1
|
#60470
|
Use `filter_input` instead of superglobals where possible
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
02/09/2024
|
5
|
#36177
|
default htaccess should include security measures
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
enhancement
|
|
12/24/2024
|
7
|
#38474
|
wp_signups.activation_key stores activation keys in plain text
|
SergeyBiryukov
|
Security
|
normal
|
normal
|
Future Release
|
enhancement
|
has-patch
|
04/23/2024
|
6
|
#55514
|
2FA by default for WordPress
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
03/06/2023
|
1
|
#43215
|
Allow wp_kses to pass allowed CSS properties
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
01/25/2025
|
2
|
#53902
|
Automating the creation of inline javascript and inline stylesheet nonces or hashes
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
|
07/03/2024
|
31
|
#30465
|
Dashboard alert if a plugin/theme was removed from WordPress repo
|
|
Security
|
normal
|
normal
|
Future Release
|
feature request
|
dev-feedback
|
01/24/2025
|
17
|
#32067
|
Remove inline javascript from WP-Core to allow CSP protection
|
|
Security
|
normal
|
normal
|
Future Release
|
feature request
|
|
06/18/2024
|
4
|
#62202
|
allow plugin versions to be flagged as security updates
|
|
Security
|
normal
|
normal
|
Awaiting Review
|
feature request
|
close
|
10/10/2024
|
|
#58174
|
A shortcode block that evaluates to nothing, renders as a space in the HTML
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
10/26/2023
|
|
#58469
|
Changeset 55832 broke shortcodes saved in block attributes and rendered serverside
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
06/07/2023
|
|
#49877
|
Content enclosed by (content enclosing) shortcode gets stripped from excerpt
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
dev-feedback
|
07/24/2020
|
5
|
#47863
|
Fix odd, unexpected output from shortcode_parse_attts
|
SergeyBiryukov
|
Shortcodes
|
normal
|
normal
|
Future Release
|
defect (bug)
|
dev-feedback
|
02/24/2020
|
1
|
#51377
|
Front End elements break after too many shortcodes
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
reporter-feedback
|
09/24/2020
|
2
|
#43725
|
Multiple instances of opening / closing shortcode only works when closing tag is provided
|
|
Shortcodes
|
normal
|
normal
|
Future Release
|
defect (bug)
|
|
07/16/2020
|
1
|
#57790
|
Parsing of Shortcode Attributes: bug locating a final attribute
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
dev-feedback
|
02/28/2023
|
1
|
#35216
|
Return empty string from wp.shortcode.replace() callback is ignored
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
has-patch
|
06/27/2018
|
31
|
#58366
|
Shortcode Support Regained but Content Filters are messing with Shortcode HTML
|
|
Shortcodes
|
normal
|
normal
|
Future Release
|
defect (bug)
|
needs-unit-tests
|
10/27/2024
|
|
#59509
|
Shortcode attributes named 0 are ignored
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
needs-unit-tests
|
10/25/2024
|
|
#49955
|
Shortcode escaping not correctly handled when followed by enclosing shortcodes
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
07/16/2020
|
2
|
#58386
|
Shortcode generated by a block element is not executed in templates
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
06/09/2023
|
|
#38713
|
Shortcodes and utf-8 no-break whitespace (\xc2\xa0)
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
03/25/2019
|
|
#43686
|
Shortcodes containing asterisks may create invalid regex breaking the editor
|
|
Shortcodes
|
normal
|
normal
|
Future Release
|
defect (bug)
|
dev-feedback
|
01/16/2019
|
|
#55406
|
Shortcodes don't work inside srcset attribute
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
04/08/2022
|
|
#58397
|
Shortcodes in patterns are not rendered in templates
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
05/24/2023
|
2
|
#52567
|
Shortcodes in separate <p> tags appear on same line in browser
|
|
Shortcodes
|
normal
|
normal
|
Awaiting Review
|
defect (bug)
|
|
05/25/2023
|