[wp-trac] [WordPress Trac] #56329: Unescaped 'self_admin_url()' in themes-install.php and plugin-install.php file

WordPress Trac noreply at wordpress.org
Wed Aug 3 09:35:21 UTC 2022


#56329: Unescaped 'self_admin_url()' in themes-install.php and plugin-install.php
file
------------------------------+-----------------------------
 Reporter:  krishaweb         |      Owner:  (none)
     Type:  defect (bug)      |     Status:  new
 Priority:  normal            |  Milestone:  Awaiting Review
Component:  Upgrade/Install   |    Version:
 Severity:  normal            |   Keywords:  has-patch
  Focuses:  coding-standards  |
------------------------------+-----------------------------
 I've found that in 'wp-admin/includes/themes-install.php' and wp-
 admin/includes/themes-install.php file, there's 'self_admin_url()' used
 without escaping. I think it should be escaped.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/56329>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list