From 34e1c43c1df6911538cf495711846f2b531d8f7e Mon Sep 17 00:00:00 2001 From: Shea Bunge Date: Fri, 13 May 2022 19:04:33 +1000 Subject: [PATCH] Sanitize tags query variable as a string, not as an array --- php/class-list-table.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/php/class-list-table.php b/php/class-list-table.php index 52feb5ef..7327d46f 100644 --- a/php/class-list-table.php +++ b/php/class-list-table.php @@ -1128,7 +1128,7 @@ private function search_by_line_callback( $snippet ) { * @ignore */ private function tags_filter_callback( $snippet ) { - $tags = explode( ',', array_map( 'sanitize_text_field', $_GET['tag'] ) ); + $tags = explode( ',', sanitize_text_field( $_GET['tag'] ) ); foreach ( $tags as $tag ) { if ( in_array( $tag, $snippet->tags, true ) ) {