[wp-trac] [WordPress Trac] #10415: URL not secured in wp-trackback.php
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 15 07:49:41 UTC 2009
#10415: URL not secured in wp-trackback.php
------------------------------+---------------------------------------------
Reporter: McGurk | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Pings/Trackbacks | Version: 2.8.1
Severity: normal | Keywords:
------------------------------+---------------------------------------------
I've found that the variable $tb_url is never escaped before it's inserted
into the database. I think a $wpdb->escape is needed.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10415>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list