Opened 6 months ago
Last modified 3 weeks ago
#62477 new defect (bug)
Do not use $_POST['action'] in the sanitize function.
| Reported by: | | Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | General | Keywords: | has-patch |
| Focuses: | coding-standards | Cc: | |
Description
wp-admin\includes\ajax-actions.php
Attachments (1)
Change History (4)
#1 6 months ago
This ticket was mentioned in PR #7839 on WordPress/wordpress-develop by @im3dabasia1.

#2 @ 6 months ago
I have added an improved version of the previous patch. I hope this works well.
- Fixed missing sanitization in other areas.
- Eliminated redundant isset checks for the same variable.
- Removed unnecessary variable casting for $post_category as it is already handled in the condition.
#3 3 weeks ago
PluginVulnerabilities commented on PR #7839:
It looks like sanitize_key() might be the more appropriate sanitization function instead of sanitize_text_field(). That is what is already used in similar code in the file.
Another function in the file, wp_ajax_add_tag(), looks like it still needs sanitization added.
PR #7839 description:
Trac ticket: https://core.trac.wordpress.org/ticket/62477

### Description:
Sanitize $_POST['action'] in _wp_ajax_add_hierarchical_term to enhance security.
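To illustrate the point raised in comment #3 (use `sanitize_key()` rather than `sanitize_text_field()`, as sibling code in the file already does) and the ticket description (sanitize `$_POST['action']`), here is an added example. It is not WordPress core code and not the patch from PR #7839. It assumes, for illustration only, that the handler derives a taxonomy name from an action of the form `add-{taxonomy}`; the page does not show the function body, so that shape, the `ACTION_PREFIX` constant and the two `taxonomy_from_action_*` helpers are assumptions. `sanitize_key()` is reproduced from its documented behaviour so the file runs without WordPress loaded.

```php
<?php
// Added example, not WordPress core code. Contrasts the raw use of
// $_POST['action'] with the isset() + sanitize_key() pattern that comment #3
// points to as the convention elsewhere in ajax-actions.php.
//
// sanitize_key() is reproduced from its documented behaviour (lowercase, keep
// only a-z, 0-9, underscore and hyphen) so this file runs outside WordPress;
// when WordPress is loaded the core definition is used instead.
if ( ! function_exists( 'sanitize_key' ) ) {
	function sanitize_key( $key ) {
		$key = strtolower( (string) $key );
		return preg_replace( '/[^a-z0-9_\-]/', '', $key );
	}
}

// Assumption for illustration only: the add-term handler derives the taxonomy
// name from an action of the form "add-{taxonomy}". The ticket does not show
// the function body, so this is a stand-in, not the real handler.
const ACTION_PREFIX = 'add-';

// Before: the value is used exactly as the client sent it.
function taxonomy_from_action_unsanitized( array $post ) {
	$action = $post['action'];                       // undefined-index warning if missing, no cleanup
	return substr( $action, strlen( ACTION_PREFIX ) );
}

// After: guard the key, reduce the value to the character class a key should
// have, and reject actions that are not add-term actions at all.
function taxonomy_from_action_sanitized( array $post ) {
	if ( ! isset( $post['action'] ) ) {
		return null;
	}
	$action = sanitize_key( $post['action'] );
	if ( strpos( $action, ACTION_PREFIX ) !== 0 ) {
		return null;
	}
	return substr( $action, strlen( ACTION_PREFIX ) );
}

// Constructed inputs standing in for $_POST.
$cases = array(
	array( 'action' => 'add-category' ),        // normal request       -> 'category' / 'category'
	array( 'action' => 'add-Cat egory<>' ),     // case, space, markup  -> 'Cat egory<>' / 'category'
	array( 'action' => "add-post_tag\0" ),      // trailing NUL byte    -> "post_tag\0" / 'post_tag'
	array( 'action' => 'delete-category' ),     // wrong handler        -> 'te-category' / null
	array(),                                    // key missing          -> warning / null
);

foreach ( $cases as $post ) {
	$raw  = isset( $post['action'] ) ? taxonomy_from_action_unsanitized( $post ) : '(undefined index)';
	$safe = taxonomy_from_action_sanitized( $post );
	printf( "%-24s | %s\n", var_export( $raw, true ), var_export( $safe, true ) );
}
```

Run it with `php example.php`. `sanitize_key()` fits this value because an action name is a key, not free-form text: it is lower-cased and everything outside `a-z0-9_-` is dropped, so the NUL byte, the space and the stray `<>` disappear instead of travelling into the nonce action and taxonomy lookup. `sanitize_text_field()` is written for user-visible text and would keep the capitals and the interior space of `add-Cat egory`, which is why the comment prefers the key sanitizer already used by neighbouring code in the file.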