Make WordPress Core

Opened 16 months ago

Last modified 16 months ago

#58511 new defect (bug)

Escaping function missing in wp-trackback.php

Reported by: utsav72640's profile utsav72640 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Pings/Trackbacks Keywords: has-patch needs-refresh
Focuses: coding-standards Cc:

Description

Escaping function missing in wp-trackback.php file.

Attachments (2)

trackback.patch (1.0 KB) - added by utsav72640 16 months ago.
wp-trackback.php
updatedtrackback.patch (1.0 KB) - added by utsav72640 16 months ago.

Download all attachments as: .zip

Change History (6)

@utsav72640
16 months ago

wp-trackback.php

#1 @ankitmaru
16 months ago

Thanks @utsav72640

Patch LGTM.

#2 @mukesh27
16 months ago

  • Keywords needs-refresh added
  • Version 6.2.2 deleted

Hi there! thanks for ticket and patch.

The core use sanitize_text_field( wp_unslash( $_POST[''] ) ); instead of what you propose in your patch.

#3 @utsav72640
16 months ago

Thank you for sharing the details, @mukesh27. I have attached a new patch. Could you please review it and let me know if any changes. Thanks!!!

#4 @ankitmaru
16 months ago

Great.!!!! Thanks @mukesh27 for quick review.

Note: See TracTickets for help on using tickets.