[wp-trac] [WordPress Trac] #64489: Admin Ajax: Improve action input sanitization with sanitize_key()

Sun Jan 11 06:34:27 UTC 2026

#64489: Admin Ajax: Improve action input sanitization with sanitize_key()
--------------------------+------------------------------
 Reporter:  mohammadzaid  |       Owner:  (none)
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Security      |     Version:  trunk
 Severity:  normal        |  Resolution:
 Keywords:  has-patch     |     Focuses:
--------------------------+------------------------------
Changes (by mohammadzaid):

 * Attachment "64489.2.diff" added.

 Revision 2: Remove sanitize_key() per @westonruter review. Uses in_array()
 allow-list + is_scalar() only.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/64489>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform