[wp-trac] [WordPress Trac] #64771: The new block level custom CSS breaks when edited by user without unfiltered_html
WordPress Trac
noreply at wordpress.org
Tue Mar 3 06:27:16 UTC 2026
#64771: The new block level custom CSS breaks when edited by user without
unfiltered_html
--------------------------+---------------------
Reporter: glendaviesnz | Owner: (none)
Type: defect (bug) | Status: new
Priority: high | Milestone: 7.0
Component: Editor | Version: trunk
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
--------------------------+---------------------
Description changed by westonruter:
Old description:
> https://github.com/WordPress/gutenberg/pull/73959 introduced block level
> custom CSS.
>
> Everything works as expected unless a user without unfiltered_html edits
> a page/post with block level custom CSS that includes nested selectors,
> eg.
>
> ```
> color: green;
> & p {color: blue}
> ```
> In these cases, entities like & are encoded and the CSS breaks in the
> editor and the frontend.
>
> This is caused by KSES filtering in core, not in Editor codes, so filing
> here, not in the GB repo.
New description:
https://github.com/WordPress/gutenberg/pull/73959 introduced block level
custom CSS.
Everything works as expected unless a user without unfiltered_html edits a
page/post with block level custom CSS that includes nested selectors, eg.
{{{
color: green;
& p {color: blue}
}}}
In these cases, entities like & are encoded and the CSS breaks in the
editor and the frontend.
This is caused by KSES filtering in core, not in Editor codes, so filing
here, not in the GB repo.
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64771#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list