[wp-trac] [WordPress Trac] #11932: Strip Shortcodes from untrusted comment authors
WordPress Trac
wp-trac at lists.automattic.com
Mon Jan 18 14:20:36 UTC 2010
#11932: Strip Shortcodes from untrusted comment authors
--------------------------+-------------------------------------------------
Reporter: kdzwinel | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 2.9.1
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+-------------------------------------------------
Comment(by ShaneF):
Replying to [comment:4 miqrogroove]:
> I agree with scribu on this one. shortcodes.php only hooks
the_content(). Shortcodes are already ignored in all comments.
By default. A plugin author can always add comments to allow their
shortcode to be used there.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11932#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list