[wp-trac] [WordPress Trac] #11932: Strip Shortcodes from untrusted comment authors
WordPress Trac
wp-trac at lists.automattic.com
Mon Jan 18 11:44:14 UTC 2010
#11932: Strip Shortcodes from untrusted comment authors
--------------------------+-------------------------------------------------
Reporter: kdzwinel | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 2.9.1
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+-------------------------------------------------
Changes (by miqrogroove):
* keywords: xss,kaltura =>
* status: reopened => closed
* resolution: => invalid
* milestone: 2.9.2 =>
Comment:
I agree with scribu on this one. shortcodes.php only hooks the_content().
Shortcodes are already ignored in all comments.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11932#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list