[wp-trac] [WordPress Trac] #55916: Font size in post editing is not validated
WordPress Trac
noreply at wordpress.org
Sat Jun 4 09:12:22 UTC 2022
#55916: Font size in post editing is not validated
---------------------------+-----------------------------
Reporter: floridsleeves | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.0
Severity: normal | Keywords:
Focuses: |
---------------------------+-----------------------------
In the post editing page, the font size is constrained by front end HTML
'type=number'.
[[Image(https://ibb.co/NLhJvKY)]]
However, this font size can be changed by intercepting the requests. And
the resulted HTML will contain the font size making no sense:
<p style="font-size:aaapx">User’s blogs</p>
This may result in data corruption or web injection.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55916>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list