[wp-trac] [WordPress Trac] #62545: Adminbar title not escaped
WordPress Trac
noreply at wordpress.org
Sat Nov 23 08:53:29 UTC 2024
#62545: Adminbar title not escaped
--------------------------+------------------------------
Reporter: kkmuffme | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: minor | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by kkmuffme):
e.g.
{{{#!php
<?php
$wp_admin_bar->add_menu(
array(
'id' => 'foo',
'title' => 'This & that',
'href' => 'https://foo.com',
)
);
}}}
The & will not be & but literal
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62545#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list