Skip to content

Commit

Permalink
Sanitise input
Browse files Browse the repository at this point in the history
  • Loading branch information
@TorbenLundsgaard
TorbenLundsgaard committed Oct 15, 2024
1 parent 8848053 commit d111690
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions src/Installation/AutomaticUpdates.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,8 @@ public static function instance(): self {
public function wp_option_updated( $option, $value, $old_value = [] ): void {
if ( defined( 'DOING_AJAX' ) && DOING_AJAX && ! empty( $_POST['asset'] ) && ! empty( $_POST['state'] ) ) { // @phpcs:ignore WordPress.Security.NonceVerification.Missing
// Option is being updated by the ajax request performed when using the enable/disable auto-updates links on the plugins page.
$asset = sanitize_text_field( urldecode( $_POST['asset'] ) ); // @phpcs:ignore WordPress.Security.NonceVerification.Missing
if ( $asset !== GTMKIT_BASENAME ) {

if ( sanitize_text_field( $_POST['asset'] ) !== GTMKIT_BASENAME ) { // @phpcs:ignore WordPress.Security.NonceVerification.Missing
return;
}

Expand Down

0 comments on commit d111690

Please sign in to comment.