[wp-trac] [WordPress Trac] #42096: `WP_Term_Query` sanitizes `slug` parameter incorrectly
WordPress Trac
noreply at wordpress.org
Wed Oct 4 20:53:28 UTC 2017
#42096: `WP_Term_Query` sanitizes `slug` parameter incorrectly
--------------------------+------------------------------------------
Reporter: boonebgorges | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Taxonomy | Version:
Severity: normal | Keywords: needs-patch needs-unit-tests
Focuses: |
--------------------------+------------------------------------------
At save time, slugs are sanitized for MySQL using `sanitize_title()`. When
constructing a query that is intended to match slugs sanitized in this
way, we should use `sanitize_title_for_query()`. See #19292 [19444].
`WP_Term_Query` improperly uses `sanitize_title()` in the query context.
https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/class-
wp-term-query.php?marks=495,498#L494 It has always been thus: [30024],
[5525]. It should be fixed. Let's get a unit test that describes the bug
(see #19292 for sample payload).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/42096>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list