$_GET['pagenow'] and $_GET['widget'] unsanitized in dashboard AJAX handler#11540
$_GET['pagenow'] and $_GET['widget'] unsanitized in dashboard AJAX handler#11540rajeshcpr wants to merge 2 commits intoWordPress:trunkfrom
Conversation
…ndler Both values are read directly without sanitize_key(). While the switch/comparison limits damage, unsanitized superglobal access violates WordPress coding standards unconditionally.
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the Core Committers: Use this line as a base for the props when committing in SVN: To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
Test using WordPress PlaygroundThe changes in this pull request can previewed and tested using a WordPress Playground instance. WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser. Some things to be aware of
For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation. |
mukeshpanchal27
left a comment
mukeshpanchal27
left a comment
There was a problem hiding this comment.
A Modern and clean version
| require_once ABSPATH . 'wp-admin/includes/dashboard.php'; | ||
|
|
||
| $pagenow = $_GET['pagenow']; | ||
| $pagenow = isset( $_GET['pagenow'] ) ? sanitize_key( $_GET['pagenow'] ) : ''; |
There was a problem hiding this comment.
| $pagenow = isset( $_GET['pagenow'] ) ? sanitize_key( $_GET['pagenow'] ) : ''; | |
| $pagenow = sanitize_key( $_GET['pagenow'] ?? '' ); |
| } | ||
|
|
||
| switch ( $_GET['widget'] ) { | ||
| $widget = isset( $_GET['widget'] ) ? sanitize_key( $_GET['widget'] ) : ''; |
There was a problem hiding this comment.
| $widget = isset( $_GET['widget'] ) ? sanitize_key( $_GET['widget'] ) : ''; | |
| $widget = sanitize_key( $_GET['widget'] ?? '' ); |
2 participants
$_GET['pagenow'] and $_GET['widget'] unsanitized in dashboard AJAX handler
Both values are read directly without sanitize_key(). While the switch/comparison limits damage, unsanitized
superglobal access violates WordPress coding standards unconditionally.
Trac ticket: https://core.trac.wordpress.org/ticket/65054
Fixes #65054
Use of AI Tools
This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.