[wp-trac] [WordPress Trac] #32233: Improve escaping in /wp-admin/includes/template.php
WordPress Trac
noreply at wordpress.org
Sat May 2 07:28:46 UTC 2015
#32233: Improve escaping in /wp-admin/includes/template.php
----------------------------+-----------------------------
Reporter: McGuive7 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: trunk
Severity: normal | Keywords:
Focuses: administration |
----------------------------+-----------------------------
It was brought to my attention that various output in /wp-
admin/includes/template.php is missing proper escaping. This includes
titles for settings sections and fields, inline Thickbox JS, and various
translatable strings (the translations for which might accidentally or
intentionally include problematic content).
This patch adds various escaping functions where needed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32233>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list