[wp-trac] [WordPress Trac] #29670: Admin cannot use own password to log in
WordPress Trac
noreply at wordpress.org
Tue Oct 7 03:28:49 UTC 2014
#29670: Admin cannot use own password to log in
-------------------------------+------------------------------
Reporter: pranav_hivarekar | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Resolution:
Keywords: reporter-feedback | Focuses:
-------------------------------+------------------------------
Changes (by dd32):
* keywords: => reporter-feedback
Comment:
This should be fixed in 3.9 already via #26573 (Fixes the handling of
{{{"}}} and {{{'}}} in passwords)
I can't reproduce this on trunk, the password {{{"><iframe
src=javascript:alert(1)/>}}} works for me, however, it's worth noting that
spaces after the password are trim()'d, so since you're probably copy-
pasting it, that seems like a likely cause.
Can you reproduce this on 4.0 or trunk?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29670#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list