Opened 28 hours ago
Last modified 26 hours ago
#65051 assigned defect (bug)
$_REQUEST['term'] used unsanitized in user search query
| Reported by: | | Owned by: | |
|---|---|---|---|
| Milestone: | 7.1 | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | Networks and Sites | Keywords: | has-patch needs-testing |
| Focuses: | multisite, coding-standards | Cc: | |
Description
User-supplied search term is concatenated directly into the get_users() search argument without
sanitize_text_field() or wp_unslash().
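As an added illustration, not the ticket's patch and not code from wordpress-develop, the pattern the description refers to is shown below first in its unsafe form and then with the two calls the reporter names applied in the order WordPress's data-handling standard expects (unslash, then sanitize). The function names, the `list_users` capability check, the `search_columns` list and the `number` limit are assumptions for the example; it assumes it is loaded inside WordPress so that `get_users()`, `wp_unslash()`, `sanitize_text_field()` and `current_user_can()` exist.

```php
<?php
/**
 * Added example, not code from ticket #65051 or from wordpress-develop.
 * Assumes it runs inside WordPress. Function names, the capability and the
 * query limits below are illustrative assumptions.
 */

// BEFORE: the pattern the ticket describes. The raw request value is passed
// straight through as the get_users() 'search' argument. WordPress has
// already added slashes to $_REQUEST (wp_magic_quotes()), and nothing strips
// tags, line breaks, control characters or surrounding whitespace.
function example_user_search_before() {
    $term = $_REQUEST['term']; // slashed and unsanitized (assumed key, as in the ticket)
    return get_users( array( 'search' => '*' . $term . '*' ) );
}

// AFTER: what the patch applies, per the reporter's description.
// 1. wp_unslash() removes the slashes WordPress adds to superglobals, so a
//    search for O'Brien is not sent to the query as O\'Brien.
// 2. sanitize_text_field() strips tags, line breaks, tabs, stray
//    percent-encoded octets and leading/trailing whitespace.
// The capability check, the isset() guard and the empty-term early return are
// additions for this example, not part of the ticket or the patch.
function example_user_search_after() {
    if ( ! current_user_can( 'list_users' ) ) {
        return array();
    }

    $term = isset( $_REQUEST['term'] )
        ? sanitize_text_field( wp_unslash( $_REQUEST['term'] ) )
        : '';

    if ( '' === $term ) {
        return array();
    }

    // Leading and trailing '*' ask WP_User_Query for a LIKE with wildcards on
    // both sides; the column list restricts which fields are matched.
    return get_users(
        array(
            'search'         => '*' . $term . '*',
            'search_columns' => array( 'user_login', 'user_email', 'display_name' ),
            'number'         => 20,
        )
    );
}
```

One caveat worth keeping in mind when reading the ticket's severity: `WP_User_Query` builds the `LIKE` clause from the search value with `$wpdb->esc_like()` and `$wpdb->prepare()`, so the query is parameterized in both forms above. The change is about applying WordPress's input-handling standard (unslash at the point of input, then sanitize) consistently, which is why the ticket sits at normal severity with the `coding-standards` focus rather than as an injection report.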
Change History (3)
#1 @ 28 hours ago
This ticket was mentioned in PR #11530 on WordPress/wordpress-develop by rajeshcpr.
User-supplied search term is concatenated directly into the get_users() search argument without
Trac ticket: https://core.trac.wordpress.org/ticket/65051
Fixes #65051
## Use of AI Tools

#2 @ 28 hours ago
- Focuses coding-standards added

Tested the patch and confirmed the issue: https://github.com/WordPress/wordpress-develop/pull/11530/commits/5eed1c8ea50eb3dfda7605749f267bf9e3234dc3

Environment:
- WordPress: 7.1-alpha-62161-src
- PHP: 8.3.30
- Browser: Chrome
- Database: MySQL 8.4.8
- OS: Ubuntu

1) The current implementation uses `$_REQUEST['term']` directly without sanitization.
2) The patch correctly applies `wp_unslash()` and `sanitize_text_field()`, which aligns with WordPress data handling standards.
3) Verified that the user search functionality continues to work as expected after the change.

This is a valid security improvement and works as expected.

Screenshot for reference: https://kommodo.ai/i/s2Bol19v4cwB50UNttQp