[wp-trac] [WordPress Trac] #56696: This has been discussed with a security team member who verified it's suitable as a public hardening issue.
WordPress Trac
noreply at wordpress.org
Fri Sep 30 06:16:13 UTC 2022
#56696: This has been discussed with a security team member who verified it's
suitable as a public hardening issue.
----------------------------+-----------------------------
Reporter: Alberuni Azad. | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Bundled Theme | Version: 3.2
Severity: normal | Keywords:
Focuses: |
----------------------------+-----------------------------
IN 'wp-content/themes/twentyeleven/header.php' on line '52' I've found
that "bloginfo( 'stylesheet_url' )" was used without escaping. I know it's
a silly issue. But I think we can improve it by escaping the URL for more
consistency.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56696>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list