REST API: Fix querying multiple post statuses at once

[jnylen0]

Currently the description of the status parameter on the post listing endpoint is as follows:

Limit result set to posts assigned a specific status; can be comma-delimited list of status types.

Passing a comma-delimited list of status types is broken in trunk due to the additional validation introduced in [38911]. This patch fixes the issue and adds a couple of tests.

This patch also allows an array of post statuses to be passed, to make status more consistent with other similar arguments.

Questions:

• I've set status to an array type in the schema. Does this make sense given that there is an enum value present in the schema also?
• I don't think we need to validate the publish status like what was done in ​https://github.com/danielbachhuber/wordpress-develop/pull/4/commits/51de903 since it is always whitelisted. Can someone confirm?
• Right now there is both a validate_callback and a sanitize_callback, which means we need to call wp_parse_slug_list twice. Should we move all of this logic into sanitize_callback instead?

[jnylen0]

Move all validation into sanitize_callback per Slack discussion.

[kadamwhite]

See also #38420, where @websupporter & I were working on the same issue -- the approach here works around some of the issues in our original patch.

[jnylen0]

Per discussion in Slack, I'll continue work on this issue on #38420.