Lack of mutex for query object values like is_category and is_author can result in warnings

[leedxw]

We're seeing warnings triggered by attempts to request pages that match both is_category() and is_author(). These aren't legitimate requests, we're assuming this is an attacker trying to trigger unexpected behaviour.

I'm seeing this on sites with co-authors-plus installed, but it feels like an issue in core.

To reproduce (assuming "admin" is an author of at least one post):

wp plugin install co-authors-plus
wp plugin activate co-authors-plus
wp co-authors-plus create-guest-authors
curl "http://localhost/author/admin/?a=1&cat=2" > /dev/null

Produces the following warnings:

PHP Warning:  Undefined property: stdClass::$name in /var/www/html/wp-includes/general-template.php on line 1610
PHP Deprecated:  strip_tags(): Passing null to parameter #1 ($string) of type string is deprecated in /var/www/html/wp-includes/class-wp-hook.php on line 324
PHP Warning:  Undefined property: stdClass::$name in /var/www/html/wp-includes/general-template.php on line 3412
PHP Warning:  Undefined property: stdClass::$term_id in /var/www/html/wp-includes/general-template.php on line 3415

This happens because is_category() returns true, but then attempts to use an object that isn't a category.

If a call to is_category() uses an object that is not a category object, then the result should be false.

This might be patched by adding a check in is_category()

--- class-wp-query.php.dist	2025-05-07 11:11:36.000000000 +0000
+++ class-wp-query.php	2025-05-07 11:20:58.315628592 +0000
@@ -4269,5 +4269,10 @@
 
 		if ( empty( $category ) ) {
-			return true;
+			if ( empty($this->taxonomy) || $this->taxonomy != 'category' ) {
+				$this->is_category = false;
+				return false;
+			} else {
+				return true;
+			}
 		}

[karthikeya01]

Hello @leedxw

Thanks for reporting the issue.

I believe this should be fixed in the Co-Authors Plus plugin. The plugin modifies the $wp_query in the fix_author_page method in class-coauthors-plus.php when querying guest authors, and the warnings appear only for guest authors, not for normal users. When we visit http://localhost:8889/author/guest_author/?cat=1, the initial queried_object represents cat=1 and is_category is true, but the plugin changes it to author. Therefore, setting is_category to false inside the function should resolve the issue.

[smahjoob]

Unexpected Dual Archive Context: is_author() and is_category() Both True in Block Theme

While testing WordPress 6.9-alpha-58136 with the default Twenty Twenty-Five theme, I encountered an ambiguous behavior when accessing URLs that include both author_name and cat query variables—for example:
/?author_name=admin&cat=3

In such cases, WordPress evaluates both is_author() and is_category() as true, resulting in a scenario where the system simultaneously treats the request as both an author archive and a category archive. This dual-context behavior introduces a critical conflict in block themes, where template rendering is heavily dependent on precise conditional logic.

Block themes like Twenty Twenty-Five use the patterns/index.php file and internal conditionals to decide which layout pattern to load. When multiple archive contexts are valid, there is no explicit priority or override mechanism defined, leading to unpredictable or undesired output. There is no warning or error to inform the developer that multiple archive states are being resolved concurrently, which can create confusion and unintended template behavior—especially when custom patterns are introduced.

The global $wp_query confirms the presence of both author_name and cat query vars, and the body_class() function reflects this with combined author and category classes. From a developer’s standpoint, this lack of decisiveness in the query resolution process contradicts the deterministic model expected by block themes.

Proposed Consideration
To avoid ambiguity and ensure predictable rendering in block-based environments, WordPress core should consider one or more of the following:

Introduce an internal priority hierarchy when multiple archive types are present in a request.

Add a development warning or admin notice when multiple is_*() archive conditions are simultaneously true.

Provide a new helper function or property that exposes the “primary” archive context for the current request.

Without resolving this ambiguity, block themes may struggle to provide consistent layouts for complex URLs—especially on content-heavy or dynamically-filtered sites.