[wp-trac] [WordPress Trac] #49392: wp_check_password is broken and give result false if there is ampersand (&) character on password
WordPress Trac
noreply at wordpress.org
Mon Feb 10 03:06:46 UTC 2020
#49392: wp_check_password is broken and give result false if there is ampersand (&)
character on password
--------------------------+-----------------------------
Reporter: nariyanto | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 5.3.2
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
While testing change password method that uses wp_check_password where I
was passing in a correct current password and password combination. Here
are the steps to replicate this issues:
1. Now try to change the newest password to `k)176p*nFXA8Qk&@mb6cI8(b`
2. try to check password using wp_check_password() method, with current
password contain ampersand (&) character.
3. Observe
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49392>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list