mikejolley / sidebar-login

Easily add an ajax-enhanced login widget to your WordPress site sidebar.

Home Page:http://wordpress.org/extend/plugins/sidebar-login/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Failing on some passwords

gustavlarson opened this issue · comments

Hi,
if the user have a password with certain characters(& for example) the plugin will display an error that the wrong password is entered.

This is because of the esc_attr() used on lines 310-312 in sidebar-login.php.
The original wp-login.php does not escape the password & username, I guess that is handled later.