pantheon-systems / WordPress

WordPress upstream for the Pantheon website platform. Includes platform integration plugins and a pre-configured wp-config.php.

Update to WordPress 6.4. For more information, see https://wordpress.org/news/2023/11/shirley/ #371

Closed pantheon-upstream closed 12 months ago

pantheon-upstream commented 12 months ago

Update from WordPress 6.3.2 to WordPress 6.4.

Before merging this PR, check the build results on CircleCI, and then visit the test site and confirm that the correct version of WordPress was, in fact, installed and tested.

Optionally, you may also create your own test site:

guardrails[bot] commented 12 months ago

:warning: We detected 3 security issues in this pull request:

Insecure Access Control (2)

Severity | Details | Docs
:-: | :-- | :-:
Low | Title: **Insecure HTTP redirect**<br>https://github.com/pantheon-systems/WordPress/blob/76e322ffa2a3ec927cb35342c81542ab60ab6392/wp-includes/ms-files.php#L60 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/php/insecure_access_control.html?utm_source=ghpr#http-redirect-gr)
Low | Title: **Insecure HTTP redirect**<br>https://github.com/pantheon-systems/WordPress/blob/76e322ffa2a3ec927cb35342c81542ab60ab6392/wp-includes/ms-files.php#L61 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/php/insecure_access_control.html?utm_source=ghpr#http-redirect-gr)

More info on how to fix Insecure Access Control in [PHP](https://docs.guardrails.io/docs/en/vulnerabilities/php/insecure_access_control.html?utm_source=ghpr).

---

Insecure Use of Dangerous Function (1)

Severity | Details | Docs
:-: | :-- | :-:
Medium | Title: **Dynamic evaluation of untrusted input (Frontend)**<br>https://github.com/pantheon-systems/WordPress/blob/76e322ffa2a3ec927cb35342c81542ab60ab6392/wp-admin/js/image-edit.js#L269 | [:books:](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_dangerous_function.html?utm_source=ghpr#javascript.lang.eval-dom-frontend)

More info on how to fix Insecure Use of Dangerous Function in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/insecure_use_of_dangerous_function.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.