[wp-trac] [WordPress Trac] #24248: 'guid' not properly escaped
WordPress Trac
noreply at wordpress.org
Tue Oct 4 20:12:24 UTC 2022
#24248: 'guid' not properly escaped
--------------------------------------+---------------------
Reporter: meloniq | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone:
Component: Posts, Post Types | Version: 2.5
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses:
--------------------------------------+---------------------
Comment (by eceleste):
This still seems to be a problem with WordPress version 6.0.2. I am seeing
all sorts of posts with the `&` in place of the `&`. In fact, every
single custom post type (or at least every GUID that includes an explicit
`post_type` attribute) has this problem. In my case I am seeing this with
WooCommerce 'product', 'shop_order', and 'shop_subscription' posts, a
whole variety of Meta Box post types, 'formulator_forms', and of course
all of my own custom post types.
This is very problematic, because if a page is referenced with this GUID
then it does not load properly. For example, WordPress will treat a
request for `https://tca-woo.local/?post_type=course&p=260` as a
request for page 260 using the page template for `course&p=260`,
which does not exist. The page will display, but not with the appropriate
`course` modifications. This can lead to all sorts of very strange
problems.
Is there any work afoot to resolve this bug? Or has it been decided that
it is OK for WordPress sites around the world just filling up with these
strange and bogus GUIDs?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/24248#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list