[wp-trac] [WordPress Trac] #54182: Use wp_unslash() for $_REQUEST Parameter in wp-admin/admin-post.php file
WordPress Trac
noreply at wordpress.org
Sun Sep 26 09:22:24 UTC 2021
#54182: Use wp_unslash() for $_REQUEST Parameter in wp-admin/admin-post.php file
---------------------------+-----------------------------------------------
Reporter: yagniksangani | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 5.8.1
Severity: normal | Resolution:
Keywords: reporter- | Focuses: administration, coding-standards
feedback |
---------------------------+-----------------------------------------------
Comment (by yagniksangani):
Here wp_unslash() needed to remove slashes, we are using $_REQUEST to get
parameters, so we need to remove slashes from parameters as per coding
standards. And it will also help as per security point of view. Hope now
it will be more clear to you.
> Hi there, welcome back to WordPress Trac! Thanks for the report.
>
> Could you provide some more details about why `wp_unslash()` is needed
here? What would be the steps to reproduce the issue on a clean install?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54182#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list