[wp-trac] [WordPress Trac] #22530: garbage query strings on URLs are not sanitized or removed

WordPress Trac noreply at wordpress.org
Fri Jan 30 13:55:29 UTC 2015

#22530: garbage query strings on URLs are not sanitized or removed
 Reporter:  rawalex       |       Owner:
     Type:  defect (bug)  |      Status:  reopened
 Priority:  normal        |   Milestone:
Component:  General       |     Version:  3.4.2
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
Changes (by jrivett):

 * status:  closed => reopened
 * resolution:  duplicate =>


 I would like to see this issue addressed, as it's causing problems for one
 of my sites. This ticket was closed as a duplicate of #21113, and that
 ticket was closed on the assumption that the problem was due to a
 misconfigured cache.

 I am definitely seeing this problem, and I'm not using caching.

 To demonstrate the problem, I found another Wordpress site (not one of
 mine) that shows it. I then posted a link with an arbitrary URL parameter,
 pointing to that site, on one of my sites. Fast forward a couple of weeks,
 and now that other site's search results are full of that parameter. It
 seems to me that this is a bug, and a potentially serious one, since it
 could be used to hurt search ranking or do even worse things.

 Because of this, I'm re-opening this ticket.

 Note that this problem doesn't seem to affect all Wordpress sites. It
 seems to depend on the theme. I've found that the included 2012, 2013,
 etc. themes are all affected.

Ticket URL: <https://core.trac.wordpress.org/ticket/22530#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list