[wp-trac] [WordPress Trac] #53020: Stored XSS via «View details» plugin iFrame
WordPress Trac
noreply at wordpress.org
Fri May 7 13:48:26 UTC 2021
#53020: Stored XSS via «View details» plugin iFrame
--------------------------+-----------------------------
Reporter: m0ze | Owner: SergeyBiryukov
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 5.8
Component: Security | Version: trunk
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses: administration
--------------------------+-----------------------------
Changes (by SergeyBiryukov):
* owner: (none) => SergeyBiryukov
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"50825" 50825]:
{{{
#!CommitTicketReference repository="" revision="50825"
Plugins: Escape the currently installed version number on Add Plugins
screen.
The number is displayed in the plugin details modal if a newer version is
already installed.
Props m0ze, bmcculley, ayeshrajans.
Fixes #53020.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53020#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list