[wp-trac] [WordPress Trac] #55916: Font size in post editing is not validated

WordPress Trac noreply at wordpress.org
Sat Jun 4 09:12:22 UTC 2022


#55916: Font size in post editing is not validated
---------------------------+-----------------------------
 Reporter:  floridsleeves  |      Owner:  (none)
     Type:  defect (bug)   |     Status:  new
 Priority:  normal         |  Milestone:  Awaiting Review
Component:  General        |    Version:  6.0
 Severity:  normal         |   Keywords:
  Focuses:                 |
---------------------------+-----------------------------
 In the post editing page, the font size is constrained by front end HTML
 'type=number'.
 [[Image(https://ibb.co/NLhJvKY)]]

 However, this font size can be changed by intercepting the requests, and
 the resulting HTML will contain a font size that makes no sense:

 <p style="font-size:aaapx">User’s blogs</p>

 This may result in data corruption or web injection.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/55916>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
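
A server-side check for the case reported above, as an added example (not part of the ticket and not WordPress core code): it re-validates `font-size` values in saved post markup instead of trusting the editor's `type=number` input. The function names, the unit allowlist and the sample content are assumptions.

```php
<?php
// Added example; not WordPress core code. All function names are hypothetical.

// Accept only a non-negative number followed by an allowlisted CSS unit.
function example_is_valid_font_size(string $value): bool
{
    return preg_match('/^(?:\d+(?:\.\d+)?|\.\d+)(?:px|em|rem|%|pt|vw|vh)$/i', trim($value)) === 1;
}

// Return every font-size value in a style="" attribute that fails validation.
function example_find_invalid_font_sizes(string $html): array
{
    $invalid = [];
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true); // tolerate fragment markup
    $doc->loadHTML('<?xml encoding="UTF-8"?><div>' . $html . '</div>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);

    foreach ((new DOMXPath($doc))->query('//*[@style]') as $node) {
        // Simplification: splits on ';' and ':' without handling quoted strings or url().
        foreach (explode(';', $node->getAttribute('style')) as $declaration) {
            $parts = explode(':', $declaration, 2);
            if (count($parts) !== 2) {
                continue; // empty or malformed declaration, nothing to check
            }
            if (strtolower(trim($parts[0])) === 'font-size' && !example_is_valid_font_size($parts[1])) {
                $invalid[] = trim($parts[1]);
            }
        }
    }
    return $invalid;
}

// Constructed sample: the markup from the ticket next to a well-formed paragraph.
$post_content = '<p style="font-size:aaapx">User’s blogs</p>'
    . '<p style="font-size:18px; color:#333">Valid paragraph</p>';

foreach (example_find_invalid_font_sizes($post_content) as $value) {
    echo "Rejected font-size value: {$value}\n";
}
```

A save handler could refuse the post or drop the offending declaration when the returned list is non-empty.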

