[wp-trac] [WordPress Trac] #54277: values within loop should be escaped properly before echo `wp-admin/theme-install.php`
WordPress Trac
noreply at wordpress.org
Sat Oct 16 20:33:31 UTC 2021
#54277: values within loop should be escaped properly before echo `wp-admin/theme-
install.php`
------------------------------+-----------------------------
Reporter: sabbirshouvo | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Themes | Version: trunk
Severity: normal | Keywords: has-patch
Focuses: coding-standards |
------------------------------+-----------------------------
In `wp-admin/theme-install.php` line 232 `$feature_name` is not escaped
properly before echo the value. It should be escaped. In a similar
scenario in file `wp-admin/includes/theme-install.php` same variable is
escaped with `esc_html( )`
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54277>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list