Ampersands in e-mail address become invalid
|Reported by:||jfarthing84||Owned by:|
When an e-mail address contains an ampersand, WordPress improperly escapes the ampersand invalidating the e-mail address.
Example: h&f@… becomes h&amp@…
First of all, the proper HTML entity for "&" is &. Where did the extra amp come from?
Also, an ampersand is a valid character in an e-mail address and should not be escaped. Escaping it could be a completely different e-mail address.
I have not dug into the code to find out where this is happening but I'd assume in sanitize_email().