verify nonce for search!

This commit is contained in:
Matthias Pfefferle 2023-11-09 16:26:16 +01:00
parent 32d8e7c3f0
commit 90deea3f7b

View file

@ -75,9 +75,12 @@ class Followers extends WP_List_Table {
} }
// phpcs:ignore WordPress.Security.NonceVerification.Recommended // phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( isset( $_GET['s'] ) ) { if ( isset( $_GET['s'] ) && isset( $_REQUEST['_wpnonce'] ) ) {
// phpcs:ignore WordPress.Security.NonceVerification.Recommended $nonce = sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) );
$args['s'] = sanitize_text_field( wp_unslash( $_GET['s'] ) ); if ( wp_verify_nonce( $nonce, 'bulk-' . $this->_args['plural'] ) ) {
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
$args['s'] = sanitize_text_field( wp_unslash( $_GET['s'] ) );
}
} }
$followers_with_count = FollowerCollection::get_followers_with_count( $this->user_id, $per_page, $page_num, $args ); $followers_with_count = FollowerCollection::get_followers_with_count( $this->user_id, $per_page, $page_num, $args );