diff --git a/wp-includes/class-wp-query.php b/wp-includes/class-wp-query.php index 7f3c22a785..c0de352c2d 100644 --- a/wp-includes/class-wp-query.php +++ b/wp-includes/class-wp-query.php @@ -2255,12 +2255,12 @@ class WP_Query { if ( empty( $in_search_post_types ) ) { $where .= ' AND 1=0 '; } else { - $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $in_search_post_types ) . "')"; + $where .= " AND {$wpdb->posts}.post_type IN ('" . join( "', '", array_map( 'esc_sql', $in_search_post_types ) ) . "')"; } } elseif ( !empty( $post_type ) && is_array( $post_type ) ) { - $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", $post_type) . "')"; + $where .= " AND {$wpdb->posts}.post_type IN ('" . join("', '", esc_sql( $post_type ) ) . "')"; } elseif ( ! empty( $post_type ) ) { - $where .= " AND {$wpdb->posts}.post_type = '$post_type'"; + $where .= $wpdb->prepare( " AND {$wpdb->posts}.post_type = %s", $post_type ); $post_type_object = get_post_type_object ( $post_type ); } elseif ( $this->is_attachment ) { $where .= " AND {$wpdb->posts}.post_type = 'attachment'"; diff --git a/wp-includes/version.php b/wp-includes/version.php index b2f6ea68cd..6c60566d6d 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.7.2-alpha-39883'; +$wp_version = '4.7.2-alpha-39953'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.