id summary reporter owner description type status priority milestone component version severity resolution keywords cc focuses 15694 "Shortcode I/O Intolerant of ""]"", ""<"", Quotes, etc." miqrogroove miqrogroove "There are no shortcode input escaping functions available in core even though the Shortcode API is increasingly strict about not allowing special characters inside shortcode attributes. Common problems for plugin developers include user input containing square braces. This was even a core bug prior to 3.4 where a caption shortcode would be transformed by the Visual Editor from: {{{[caption id=""attachment_3"" align=""alignnone"" width=""300"" caption=""[Test Caption]""]}}} ... to ... {{{[caption id=""attachment_3"" align=""alignnone"" width=""300"" caption=""[Test Caption""]""]}}} As of 4.2.2, that same shortcode is transformed to: {{{[caption id=""attachment_7"" align=""alignnone"" width=""300""]""]}}} Other common problems include usage of HTML-special characters for quotations or comparison operators that would need to appear in the attribute value." defect (bug) assigned high 4.3 Shortcodes 3.0.1 normal needs-patch needs-unit-tests hidgw javascript