diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index 2a22eb93e7..747f0099da 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -109,7 +109,9 @@ function seems_utf8($Str) { # by bmorel at ssi dot fr
 
 function wp_specialchars( $text, $quotes = 0 ) {
 // Like htmlspecialchars except don't double-encode HTML entities
- $text = preg_replace('/&([^#])(?![a-z1-4]{1,8};)/', '&$1', $text);
+ $text = str_replace('&&', '&&', $text);
+ $text = str_replace('&&', '&&', $text);
+ $text = preg_replace('/&(?:$|([^#])(?![a-z1-4]{1,8};))/', '&$1', $text);
 $text = str_replace('<', '<', $text);
 $text = str_replace('>', '>', $text);
 if ( 'double' === $quotes ) {
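Review bot: The rewritten `preg_replace` pattern still exempts every `&` that is followed by `#` (the `[^#]` class) without checking that a well-formed numeric reference follows, so entity-like sequences supplied by a caller pass through `wp_specialchars` unencoded. That is tolerable for HTML text, where `<` and `>` are still replaced further down, but the result should not be treated as safe for URL-bearing attributes or for any sink that decodes entities a second time. A docblock on the function stating that existing entities are deliberately preserved and not validated would make this contract visible to callers. The two identical `str_replace` calls also need a comment such as `// run twice: a single pass leaves adjacent ampersands behind in longer runs`, because as displayed here they look redundant; this reading is inferred, since the page appears to have decoded the entities in the replacement strings. The function body continues past the end of the hunk.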