[wp-trac] [WordPress Trac] #49705: Sanitizing input for parameterized queries + update_meta_cache
WordPress Trac
noreply at wordpress.org
Thu Mar 26 14:47:17 UTC 2020
#49705: Sanitizing input for parameterized queries + update_meta_cache
--------------------------------+-------------------------------
Reporter: classicalrehan | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Options, Meta APIs | Version: 5.3.2
Severity: critical | Resolution:
Keywords: | Focuses: coding-standards
--------------------------------+-------------------------------
Changes (by SergeyBiryukov):
* focuses: rest-api, performance, coding-standards => coding-standards
* component: Query => Options, Meta APIs
Comment:
Hi there, welcome to WordPress Trac! Thanks for the report.
Just noting that `$id_list` is constructed from the function's
`$object_ids` parameter, which is [source:tags/5.3.2/src/wp-
includes/meta.php?marks=898-903,923,928,939#L898 sanitized using intval()
earler].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49705#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list