[wp-trac] [WordPress Trac] #64464: Does Not Escape the Ampersand when It Appears in Something that Looks Like Escape Codes
WordPress Trac
noreply at wordpress.org
Wed Dec 31 20:34:37 UTC 2025
#64464: Does Not Escape the Ampersand when It Appears in Something that Looks Like
Escape Codes
--------------------------+-----------------------------
Reporter: chiarella86 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.8.3
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
When you type the following:
{{{
&
�
}}}
The content for the RSS should be this:
{{{
&

}}}
This will ensure that if someone types an escape code as is, then it will
not change when parsed correctly as XML escape codes.
Some change (I think) made this work as expected for escape codes for
hexadecimal escape codes. Decimal escape codes and name escape codes still
do not render correctly. The post mechanism just stores these things as
the escape code.
As a result, if I want to write
{{{
&
}}}
to show an example, I will fail. WordPress will only show the following:
{{{
&
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64464>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list