[wp-trac] [WordPress Trac] #55855: In wp-admin folder the ajax-actions.php file has some unsanitize data issue.
WordPress Trac
noreply at wordpress.org
Fri May 27 08:28:00 UTC 2022
#55855: In wp-admin folder the ajax-actions.php file has some unsanitize data
issue.
-------------------------+-----------------------------
 Reporter:  smit08       |      Owner:  (none)
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  Users        |    Version:
 Severity:  normal       |   Keywords:  needs-patch
  Focuses:               |
-------------------------+-----------------------------
Path of file: wp-admin/includes/ajax-actions.php
In these files, there are some $_POST values used without sanitizing by
filter_input. I think this should be solved.
I am adding some code below for reference.
{{{
$post_id = isset( $_POST['post_ID'] ) ? (int) $_POST['post_ID'] : 0;
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55855>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
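
The cast idiom quoted in the ticket next to a strict check with PHP's filter extension, as an added example that is not part of the original ticket or of WordPress core. It uses filter_var() on constructed arrays because filter_input() reads the raw request and cannot be fed sample data; the helper names and sample values are assumptions.

```php
<?php
// Added example, not WordPress core code. The helper names and the values in
// $samples are constructed; each value stands in for a submitted post_ID.

// The idiom quoted in the ticket: cast whatever arrives to int.
function post_id_by_cast( array $post ): int {
	return isset( $post['post_ID'] ) ? (int) $post['post_ID'] : 0;
}

// Strict check: accept only a whole integer >= 1, otherwise fall back to 0.
function post_id_by_filter( array $post ): int {
	$id = filter_var(
		$post['post_ID'] ?? null,
		FILTER_VALIDATE_INT,
		array( 'options' => array( 'min_range' => 1 ) )
	);
	return false === $id ? 0 : $id;
}

$samples = array(
	'plain integer'   => array( 'post_ID' => '42' ),
	'trailing text'   => array( 'post_ID' => '42abc' ),
	'negative number' => array( 'post_ID' => '-7' ),
	'array value'     => array( 'post_ID' => array( '42' ) ),
	'field missing'   => array(),
);

foreach ( $samples as $label => $post ) {
	printf(
		"%-16s cast=%-4d filter=%d\n",
		$label,
		post_id_by_cast( $post ),
		post_id_by_filter( $post )
	);
}
```

The cast always yields an integer, so the value cannot carry markup or SQL; the strict check additionally maps partly numeric, negative and array input to 0 instead of a usable ID.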