[wp-trac] [WordPress Trac] #55335: $user_login double escaped with incorrect/empty password in wp-login.php

WordPress Trac noreply at wordpress.org
Tue Jul 2 17:45:06 UTC 2024


#55335: $user_login double escaped with incorrect/empty password in wp-login.php
------------------------------------+-----------------------------
 Reporter:  johnjamesjacoby         |       Owner:  SergeyBiryukov
     Type:  defect (bug)            |      Status:  closed
 Priority:  normal                  |   Milestone:  6.7
Component:  Login and Registration  |     Version:
 Severity:  normal                  |  Resolution:  fixed
 Keywords:  2nd-opinion has-patch   |     Focuses:
------------------------------------+-----------------------------
Changes (by SergeyBiryukov):

 * status:  reviewing => closed
 * resolution:   => fixed


Comment:

 In [changeset:"58623" 58623]:
 {{{
 #!CommitTicketReference repository="" revision="58623"
 Login and Registration: Remove redundant escaping in `wp-login.php`.

 * `$user_login` in the `login` action is already escaped on output.
 * `$user_login` and `$user_email` in the `register` action are already
 unslashed a few lines above.

 Follow-up to [3120], [4339], [8454], [11104], [23416], [23554], [23594],
 [46640].

 Props johnjamesjacoby, rajinsharwar, narenin.
 Fixes #55335.
 }}}

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/55335#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list