[wp-hackers] Security: Using slugs as ID
Mike Bijon
mike at etchsoftware.com
Fri Dec 9 09:42:59 UTC 2011
Ryan,

Is your bug specific to pages, and not posts? There is an existing bug on
Trac for that, http://core.trac.wordpress.org/ticket/10249. The code there
may have better examples of what could be fixed.

As for your decoding, it should be safe. I don't know where you're reusing
the value though: remember to still sanitize, and to re-encode if used in a
URL.

-Mike