[wp-trac] [WordPress Trac] #50534: Menu position conflicts not properly handled in add_menu_page function
WordPress Trac
noreply at wordpress.org
Thu Jul 2 10:54:13 UTC 2020
#50534: Menu position conflicts not properly handled in add_menu_page function
--------------------------+-----------------------------
Reporter: nufocusuk | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: trunk
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
In add_menu_page function inside plugin.php the assignment of new menu in
the else condition should have $position inside quotes in the same way as
the other lines.
If $position is passed in with a decimal value 103.768 (as supplied my
MailChimp Forms by MailMunch plugin) then it fails to detect if $menu[103]
has already been assigned by another plugin, but then overwrites it by
impicitly treating $position as integer rather than a string as in
$menu["103.768"].
Result is that random plugins can be missing from the admin menu.
if ( null === $position ) {
$menu[] = $new_menu;
} elseif ( isset( $menu[ "$position" ] ) ) {
$position = $position + substr( base_convert( md5(
$menu_slug . $menu_title ), 16, 10 ), -5 ) * 0.00001;
$menu[ "$position" ] = $new_menu;
} else {
$menu[ **$position** ] = $new_menu; //# should be change to
**$menu[ "$position" ] = $new_menu;**
}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50534>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list