[wp-trac] [WordPress Trac] #12623: Unchecked Input Condition in Widgets
WordPress Trac
wp-trac at lists.automattic.com
Wed Mar 17 10:38:59 UTC 2010
#12623: Unchecked Input Condition in Widgets
--------------------------+-------------------------------------------------
Reporter: hakre | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: General | Version:
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
In {{{WP_Widget::__construct()}}} - according to the documented specs -
first parameter {{{$id_base}}} has to be unique.
Next to the fact that is not properly documented to what domain the
uniqueness has to pay to, the input is not verified at all for uniqueness
leaving the specification useless as well as leaving Wordpress open to a
malfunction on the underlying data structures and models.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12623>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list