[wp-trac] [WordPress Trac] #64771: The new block level custom CSS breaks when edited by user without unfiltered_html
WordPress Trac
noreply at wordpress.org
Wed Mar 4 09:28:26 UTC 2026
#64771: The new block level custom CSS breaks when edited by user without
unfiltered_html
--------------------------+---------------------
Reporter: glendaviesnz | Owner: (none)
Type: defect (bug) | Status: new
Priority: high | Milestone: 7.0
Component: Editor | Version: trunk
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
--------------------------+---------------------
Comment (by ugyensupport):
== The new block level custom CSS breaks when edited by user without
unfiltered_html
=== Description
https://github.com/WordPress/gutenberg/pull/73959 introduced block level
custom CSS.
Everything works as expected unless a user without unfiltered_html edits a
page/post with block level custom CSS that includes nested selectors, eg.
color: green;
& p {color: blue}
In these cases, entities like & are encoded and the CSS breaks in the
editor and the frontend.
This is caused by KSES filtering in core, not in Editor codes, so filing
here, not in the GB repo.
Patch tested: https://github.com/WordPress/wordpress-develop/pull/11104
=== Environment
- WordPress: 7.0-beta2-61784
- PHP: 8.3.27
- Server: nginx/1.21.4
- Database: mysqli (Server: 5.7.44-log / Client: mysqlnd 8.3.27)
- Browser: Chrome 145.0.0.0
- OS: macOS
- Theme: Twenty Twenty-Five 1.4
- MU Plugins: None activated
- Plugins:
* Debug Log Viewer 2.1
* Test Reports 1.2.1
* WordPress Beta Tester 4.0.0
* WP File Manager 8.0.2
=== Actual Results
1. ✅ Issue resolved with patch.
=== Supplemental Artifacts
Patch works: [[Image(https://i.postimg.cc/5NPcFWMg/test.png)]]
--
Ticket URL: <https://core.trac.wordpress.org/ticket/64771#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list