[wp-trac] [WordPress Trac] #55853: Use of unsanitized data in wp_ajax_dashboard_widgets()

WordPress Trac noreply at wordpress.org
Fri May 27 17:37:18 UTC 2022


#55853: Use of unsanitized data in wp_ajax_dashboard_widgets()
-------------------------+-----------------------------------------------
 Reporter:  hilayt24     |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Widgets      |     Version:
 Severity:  major        |  Resolution:
 Keywords:  close        |     Focuses:  administration, coding-standards
-------------------------+-----------------------------------------------
Changes (by SergeyBiryukov):

 * keywords:  needs-patch good-first-bug => close
 * milestone:  6.1 => Awaiting Review


Comment:

 Replying to [comment:3 TimothyBlynJacobs]:
 > Those kinds of mismatches can also end up ''causing'' security issues in
 > some cases. It's best to just compare this to a strict list of allowed
 > items like we are already doing IMO.

 Right, I tend to agree. Thanks!

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/55853#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

