[wp-trac] [WordPress Trac] #39435: cannot advance by typing in page number
WordPress Trac
noreply at wordpress.org
Fri Jan 6 18:51:55 UTC 2017
#39435: cannot advance by typing in page number
--------------------------+------------------
Reporter: taxman10m | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.8
Component: Users | Version: 4.7
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
--------------------------+------------------
Comment (by adamsilverstein):
@kailanitish90 thanks for the patch! how did you figure out you needed to
add the hidden role field?
I'll give this a test, it would be good to also get feedback from
@taxman10m to verify it fixes the issue for him.
it looks like `$_REQUEST['role']` could use some sanitization or escaping
on output to prevent XSS
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39435#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list