[wp-trac] [WordPress Trac] #56329: Unescaped 'self_admin_url()' in themes-install.php and plugin-install.php file
WordPress Trac
noreply at wordpress.org
Wed Aug 3 09:35:21 UTC 2022
#56329: Unescaped 'self_admin_url()' in themes-install.php and plugin-install.php
file
------------------------------+-----------------------------
Reporter: krishaweb | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upgrade/Install | Version:
Severity: normal | Keywords: has-patch
Focuses: coding-standards |
------------------------------+-----------------------------
I've found that in 'wp-admin/includes/themes-install.php' and wp-
admin/includes/themes-install.php file, there's 'self_admin_url()' used
without escaping. I think it should be escaped.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56329>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list