[wp-trac] [WordPress Trac] #53973: WordPress <= 5.8 - Authenticated Persistent XSS (User role name)

WordPress Trac noreply at wordpress.org
Thu Jun 13 14:20:58 UTC 2024


#53973: WordPress <= 5.8 - Authenticated Persistent XSS (User role name)
--------------------------+-----------------------------
 Reporter:  visse         |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Future Release
Component:  Security      |     Version:
 Severity:  normal        |  Resolution:
 Keywords:  has-patch     |     Focuses:  administration
--------------------------+-----------------------------

Comment (by ramon fincken):

 I will get this done, about your 3rd question: they must all validate, so
 not even via a function as sanitize_title, as the requester will probably
 use the same name in their code later on.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/53973#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list