WordPress · westonruter · May 29, 2026 · May 29, 2026 · May 29, 2026 · May 29, 2026
diff --git a/src/wp-admin/includes/class-wp-automatic-updater.php b/src/wp-admin/includes/class-wp-automatic-updater.php
@@ -1785,9 +1785,6 @@ protected function has_fatal_error() {
 			'Cache-Control' => 'no-cache',
 		);
 
-		/** This filter is documented in wp-includes/class-wp-http-streams.php */
-		$sslverify = apply_filters( 'https_local_ssl_verify', false );
-
 		// Include Basic auth in the loopback request.
 		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
 			$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
@@ -1804,7 +1801,10 @@ protected function has_fatal_error() {
 		$needle_start = "###### wp_scraping_result_start:$scrape_key ######";
 		$needle_end   = "###### wp_scraping_result_end:$scrape_key ######";
 		$url          = add_query_arg( $scrape_params, home_url( '/' ) );
-		$response     = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
+
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false, $url );
+		$response  = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
 
 		if ( is_wp_error( $response ) ) {
 			if ( $is_debug ) {

diff --git a/src/wp-admin/includes/class-wp-site-health.php b/src/wp-admin/includes/class-wp-site-health.php
@@ -2212,9 +2212,6 @@ public function get_test_rest_availability() {
 			'Cache-Control' => 'no-cache',
 			'X-WP-Nonce'    => wp_create_nonce( 'wp_rest' ),
 		);
-		/** This filter is documented in wp-includes/class-wp-http-streams.php */
-		$sslverify = apply_filters( 'https_local_ssl_verify', false );
-
 		// Include Basic auth in loopback requests.
 		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
 			$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
@@ -2230,6 +2227,9 @@ public function get_test_rest_availability() {
 			$url
 		);
 
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false, $url );
+
 		$r = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
 
 		if ( is_wp_error( $r ) ) {
@@ -3289,8 +3289,6 @@ public function can_perform_loopback() {
 		$headers = array(
 			'Cache-Control' => 'no-cache',
 		);
-		/** This filter is documented in wp-includes/class-wp-http-streams.php */
-		$sslverify = apply_filters( 'https_local_ssl_verify', false );
 
 		// Include Basic auth in loopback requests.
 		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
@@ -3299,6 +3297,9 @@ public function can_perform_loopback() {
 
 		$url = site_url( 'wp-cron.php' );
 
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false, $url );
+
 		/*
 		 * A post request is used for the wp-cron.php loopback test to cause the file
 		 * to finish early without triggering cron jobs. This has two benefits:
@@ -3621,7 +3622,7 @@ public function get_page_cache_headers(): array {
 	private function check_for_page_caching() {
 
 		/** This filter is documented in wp-includes/class-wp-http-streams.php */
-		$sslverify = apply_filters( 'https_local_ssl_verify', false );
+		$sslverify = apply_filters( 'https_local_ssl_verify', false, home_url( '/' ) );
 
 		$headers = array();
 

diff --git a/src/wp-admin/includes/file.php b/src/wp-admin/includes/file.php
@@ -541,9 +541,6 @@ function wp_edit_theme_plugin_file( $args ) {
 			'Cache-Control' => 'no-cache',
 		);
 
-		/** This filter is documented in wp-includes/class-wp-http-streams.php */
-		$sslverify = apply_filters( 'https_local_ssl_verify', false );
-
 		// Include Basic auth in loopback requests.
 		if ( isset( $_SERVER['PHP_AUTH_USER'] ) && isset( $_SERVER['PHP_AUTH_PW'] ) ) {
 			$headers['Authorization'] = 'Basic ' . base64_encode( wp_unslash( $_SERVER['PHP_AUTH_USER'] ) . ':' . wp_unslash( $_SERVER['PHP_AUTH_PW'] ) );
@@ -583,7 +580,11 @@ function wp_edit_theme_plugin_file( $args ) {
 			session_write_close();
 		}
 
-		$url                    = add_query_arg( $scrape_params, $url );
+		$url = add_query_arg( $scrape_params, $url );
+
+		/** This filter is documented in wp-includes/class-wp-http-streams.php */
+		$sslverify = apply_filters( 'https_local_ssl_verify', false, $url );
+
 		$r                      = wp_remote_get( $url, compact( 'cookies', 'headers', 'timeout', 'sslverify' ) );
 		$body                   = wp_remote_retrieve_body( $r );
 		$scrape_result_position = strpos( $body, $needle_start );

diff --git a/src/wp-admin/includes/nav-menu.php b/src/wp-admin/includes/nav-menu.php
@@ -1509,7 +1509,7 @@ function wp_nav_menu_update_menu_items( $nav_menu_selected_id, $nav_menu_selecte
 	wp_defer_term_counting( false );
 
 	/** This action is documented in wp-includes/nav-menu.php */
-	do_action( 'wp_update_nav_menu', $nav_menu_selected_id );
+	do_action( 'wp_update_nav_menu', $nav_menu_selected_id, array() );
 
 	/* translators: %s: Nav menu title. */
 	$message     = sprintf( __( '%s has been updated.' ), '<strong>' . $nav_menu_selected_title . '</strong>' );

diff --git a/src/wp-admin/includes/template.php b/src/wp-admin/includes/template.php
@@ -316,11 +316,13 @@ function get_inline_data( $post ) {
 
 	$title = esc_textarea( trim( $post->post_title ) );
 
+	/** This filter is documented in wp-admin/edit-tag-form.php */
+	$editable_slug = apply_filters( 'editable_slug', $post->post_name, $post );
+
 	echo '
 <div class="hidden" id="inline_' . $post->ID . '">
-	<div class="post_title">' . $title . '</div>' .
-	/** This filter is documented in wp-admin/edit-tag-form.php */
-	'<div class="post_name">' . apply_filters( 'editable_slug', $post->post_name, $post ) . '</div>
+	<div class="post_title">' . $title . '</div>
+	<div class="post_name">' . $editable_slug . '</div>
 	<div class="post_author">' . $post->post_author . '</div>
 	<div class="comment_status">' . esc_html( $post->comment_status ) . '</div>
 	<div class="ping_status">' . esc_html( $post->ping_status ) . '</div>

diff --git a/src/wp-admin/network/themes.php b/src/wp-admin/network/themes.php
@@ -293,7 +293,7 @@
 			check_admin_referer( 'bulk-themes' );
 
 			/** This action is documented in wp-admin/network/site-themes.php */
-			$referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $themes ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
+			$referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $themes, 0 ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
 
 			wp_safe_redirect( $referer );
 			exit;

diff --git a/src/wp-admin/network/users.php b/src/wp-admin/network/users.php
@@ -157,7 +157,7 @@
 					$user_ids = (array) $_POST['allusers'];
 
 					/** This action is documented in wp-admin/network/site-themes.php */
-					$sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
+					$sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids, 0 ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
 
 					wp_safe_redirect( $sendback );
 					exit;

diff --git a/src/wp-admin/plugin-install.php b/src/wp-admin/plugin-install.php
@@ -40,6 +40,15 @@
 
 $wp_list_table->prepare_items();
 
+/**
+ * WP_Plugin_Install_List_Table::prepare_items() populates these globals, which
+ * are used throughout the rest of this file.
+ *
+ * @global string $tab   The current tab of the Install Plugins screen.
+ * @global int    $paged The current page number of the plugins list.
+ */
+global $tab, $paged;
+
 $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' );
 
 if ( $pagenum > $total_pages && $total_pages > 0 ) {
@@ -169,7 +178,7 @@
 	<div class="upload-plugin-wrap">
 		<?php
 		/** This action is documented in wp-admin/plugin-install.php */
-		do_action( 'install_plugins_upload' );
+		do_action( 'install_plugins_upload', $paged );
 		?>
 	</div>
 	<?php

diff --git a/src/wp-admin/plugins.php b/src/wp-admin/plugins.php
@@ -193,7 +193,7 @@
 			// Go back to "sandbox" scope so we get the same errors as before.
 			plugin_sandbox_scrape( $plugin );
 			/** This action is documented in wp-admin/includes/plugin.php */
-			do_action( "activate_{$plugin}" );
+			do_action( "activate_{$plugin}", is_network_admin() );
 			exit;
 
 		case 'deactivate':

diff --git a/src/wp-content/themes/twentyeleven/author.php b/src/wp-content/themes/twentyeleven/author.php
@@ -57,7 +57,7 @@
 						 *
 						 * @since Twenty Eleven 1.0
 						 *
-						 * @param int The height and width avatar dimension in pixels. Default 60.
+						 * @param int $size The height and width avatar dimension in pixels. Default 60.
 						 */
 						$author_bio_avatar_size = apply_filters( 'twentyeleven_author_bio_avatar_size', 60 );
 						echo get_avatar( get_the_author_meta( 'user_email' ), $author_bio_avatar_size );

diff --git a/src/wp-content/themes/twentyeleven/content-status.php b/src/wp-content/themes/twentyeleven/content-status.php
@@ -39,7 +39,7 @@
 				 *
 				 * @since Twenty Eleven 1.0
 				 *
-				 * @param int The height and width avatar dimensions in pixels. Default 65.
+				 * @param int $size The height and width avatar dimensions in pixels. Default 65.
 				 */
 				echo get_avatar( get_the_author_meta( 'ID' ), apply_filters( 'twentyeleven_status_avatar', 65 ) );
 				?>

diff --git a/src/wp-content/themes/twentyeleven/functions.php b/src/wp-content/themes/twentyeleven/functions.php
@@ -685,7 +685,7 @@ function twentyeleven_get_first_url() {
 	}
 
 	/** This filter is documented in wp-includes/link-template.php */
-	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink() );
+	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink(), get_post() );
 }
 
 /**

diff --git a/src/wp-content/themes/twentyeleven/image.php b/src/wp-content/themes/twentyeleven/image.php
@@ -99,7 +99,7 @@
 										 *
 										 * @since Twenty Eleven 1.0
 										 *
-										 * @param int The width for the image attachment size in pixels. Default 848.
+										 * @param int $size The width for the image attachment size in pixels. Default 848.
 										 */
 										$attachment_size = apply_filters( 'twentyeleven_attachment_size', 848 );
 										echo wp_get_attachment_image( $post->ID, array( $attachment_size, 1024 ) );

diff --git a/src/wp-content/themes/twentyeleven/inc/widgets.php b/src/wp-content/themes/twentyeleven/inc/widgets.php
@@ -70,7 +70,7 @@ public function widget( $args, $instance ) {
 
 		ob_start();
 
-		/** This filter is documented in wp-includes/default-widgets.php */
+		/** This filter is documented in wp-includes/widgets/class-wp-widget-pages.php */
 		$args['title'] = apply_filters( 'widget_title', empty( $instance['title'] ) ? __( 'Ephemera', 'twentyeleven' ) : $instance['title'], $instance, $this->id_base );
 
 		if ( ! isset( $instance['number'] ) ) {

diff --git a/src/wp-content/themes/twentyeleven/tag.php b/src/wp-content/themes/twentyeleven/tag.php
@@ -30,7 +30,7 @@
 						 *
 						 * @since Twenty Eleven 1.0
 						 *
-						 * @param string The default tag description.
+						 * @param string $tag_archive_meta The default tag description.
 						 */
 						echo apply_filters( 'tag_archive_meta', '<div class="tag-archive-meta">' . $tag_description . '</div>' );
 					}

diff --git a/src/wp-content/themes/twentyfifteen/inc/template-tags.php b/src/wp-content/themes/twentyfifteen/inc/template-tags.php
@@ -246,7 +246,8 @@ function twentyfifteen_post_thumbnail() {
 	function twentyfifteen_get_link_url() {
 		$has_url = get_url_in_content( get_the_content() );
 
-		return $has_url ? $has_url : apply_filters( 'the_permalink', get_permalink() );
+		/** This filter is documented in wp-includes/link-template.php */
+		return $has_url ? $has_url : apply_filters( 'the_permalink', get_permalink(), get_post() );
 	}
 endif;
 

diff --git a/src/wp-content/themes/twentyfourteen/inc/widgets.php b/src/wp-content/themes/twentyfourteen/inc/widgets.php
@@ -110,7 +110,8 @@ public function widget( $args, $instance ) {
 
 		$number = ! empty( $instance['number'] ) ? absint( $instance['number'] ) : 2;
 		$title  = ! empty( $instance['title'] ) ? $instance['title'] : $format_string;
-		$title  = apply_filters( 'widget_title', $title, $instance, $this->id_base );
+		/** This filter is documented in wp-includes/widgets/class-wp-widget-pages.php */
+		$title = apply_filters( 'widget_title', $title, $instance, $this->id_base );
 
 		$ephemera = new WP_Query(
 			array(

diff --git a/src/wp-content/themes/twentyten/functions.php b/src/wp-content/themes/twentyten/functions.php
@@ -168,15 +168,15 @@ function twentyten_setup() {
 			 *
 			 * @since Twenty Ten 1.0
 			 *
-			 * @param int The default header image width in pixels. Default 940.
+			 * @param int $width The default header image width in pixels. Default 940.
 			 */
 			'width'               => apply_filters( 'twentyten_header_image_width', 940 ),
 			/**
 			 * Filters the Twenty Ten default header image height.
 			 *
 			 * @since Twenty Ten 1.0
 			 *
-			 * @param int The default header image height in pixels. Default 198.
+			 * @param int $height The default header image height in pixels. Default 198.
 			 */
 			'height'              => apply_filters( 'twentyten_header_image_height', 198 ),
 			// Support flexible heights.

diff --git a/src/wp-content/themes/twentythirteen/functions.php b/src/wp-content/themes/twentythirteen/functions.php
@@ -731,7 +731,8 @@ function twentythirteen_get_link_url() {
 	$content = get_the_content();
 	$has_url = get_url_in_content( $content );
 
-	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink() );
+	/** This filter is documented in wp-includes/link-template.php */
+	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink(), get_post() );
 }
 
 if ( ! function_exists( 'twentythirteen_excerpt_more' ) && ! is_admin() ) :

diff --git a/src/wp-content/themes/twentytwentyone/functions.php b/src/wp-content/themes/twentytwentyone/functions.php
@@ -577,7 +577,7 @@ function twentytwentyone_the_html_classes() {
 	 *
 	 * @since Twenty Twenty-One 1.0
 	 *
-	 * @param string The list of classes. Default empty string.
+	 * @param string $classes The list of classes. Default empty string.
 	 */
 	$classes = apply_filters( 'twentytwentyone_html_classes', '' );
 	if ( ! $classes ) {

diff --git a/src/wp-includes/abilities-api/class-wp-ability.php b/src/wp-includes/abilities-api/class-wp-ability.php
@@ -747,6 +747,8 @@ public function execute( $input = null ) {
 		 */
 		do_action( 'wp_ability_invoked', $this->name, $input, $this );
 
+		$pre_execute_sentinel = new WP_Filter_Sentinel();
+
 		/**
 		 * Filters whether to short-circuit ability execution.
 		 *
@@ -769,8 +771,7 @@ public function execute( $input = null ) {
 		 * @param mixed      $input        The raw input passed to `execute()`.
 		 * @param WP_Ability $ability      The ability instance.
 		 */
-		$pre_execute_sentinel = new WP_Filter_Sentinel();
-		$pre                  = apply_filters( 'wp_pre_execute_ability', $pre_execute_sentinel, $this->name, $input, $this );
+		$pre = apply_filters( 'wp_pre_execute_ability', $pre_execute_sentinel, $this->name, $input, $this );
 		if ( $pre !== $pre_execute_sentinel ) {
 			return $pre;
 		}

diff --git a/src/wp-includes/class-wp-xmlrpc-server.php b/src/wp-includes/class-wp-xmlrpc-server.php
@@ -191,9 +191,11 @@ private function set_is_enabled() {
 		 * Respect old get_option() filters left for back-compat when the 'enable_xmlrpc'
 		 * option was deprecated in 3.5.0. Use the {@see 'xmlrpc_enabled'} hook instead.
 		 */
-		$is_enabled = apply_filters( 'pre_option_enable_xmlrpc', false );
+		/** This filter is documented in wp-includes/option.php */
+		$is_enabled = apply_filters( 'pre_option_enable_xmlrpc', false, 'enable_xmlrpc', false );
 		if ( false === $is_enabled ) {
-			$is_enabled = apply_filters( 'option_enable_xmlrpc', true );
+			/** This filter is documented in wp-includes/option.php */
+			$is_enabled = apply_filters( 'option_enable_xmlrpc', true, 'enable_xmlrpc' );
 		}
 
 		/**

diff --git a/src/wp-includes/comment.php b/src/wp-includes/comment.php
@@ -3111,7 +3111,7 @@ function do_trackbacks( $post ) {
 
 	if ( empty( $post->post_excerpt ) ) {
 		/** This filter is documented in wp-includes/post-template.php */
-		$excerpt = apply_filters( 'the_content', $post->post_content, $post->ID );
+		$excerpt = apply_filters( 'the_content', $post->post_content );
 	} else {
 		/** This filter is documented in wp-includes/post-template.php */
 		$excerpt = apply_filters( 'the_excerpt', $post->post_excerpt );

diff --git a/src/wp-includes/cron.php b/src/wp-includes/cron.php
@@ -958,6 +958,8 @@ function spawn_cron( $gmt_time = 0 ) {
 	$doing_wp_cron = sprintf( '%.22F', $gmt_time );
 	set_transient( 'doing_cron', $doing_wp_cron );
 
+	$cron_url = add_query_arg( 'doing_wp_cron', $doing_wp_cron, site_url( 'wp-cron.php' ) );
+
 	/**
 	 * Filters the cron request arguments.
 	 *
@@ -982,13 +984,13 @@ function spawn_cron( $gmt_time = 0 ) {
 	$cron_request = apply_filters(
 		'cron_request',
 		array(
-			'url'  => add_query_arg( 'doing_wp_cron', $doing_wp_cron, site_url( 'wp-cron.php' ) ),
+			'url'  => $cron_url,
 			'key'  => $doing_wp_cron,
 			'args' => array(
 				'timeout'   => 0.01,
 				'blocking'  => false,
 				/** This filter is documented in wp-includes/class-wp-http-streams.php */
-				'sslverify' => apply_filters( 'https_local_ssl_verify', false ),
+				'sslverify' => apply_filters( 'https_local_ssl_verify', false, $cron_url ),
 			),
 		),
 		$doing_wp_cron

diff --git a/src/wp-includes/media.php b/src/wp-includes/media.php
@@ -6413,7 +6413,7 @@ function wp_high_priority_element_flag( $value = null ): bool {
  *
  * @param string $filename  Path to the image.
  * @param string $mime_type The source image mime type.
- * @return string[] An array of mime type mappings.
+ * @return array<string, string> An array of mime type mappings.
  */
 function wp_get_image_editor_output_format( $filename, $mime_type ) {
 	$output_format = array(
@@ -6435,14 +6435,10 @@ function wp_get_image_editor_output_format( $filename, $mime_type ) {
 	 * @since 6.7.0 The default was changed from an empty array to an array
 	 *              containing the HEIC/HEIF images mime types.
 	 *
-	 * @param string[] $output_format {
-	 *     An array of mime type mappings. Maps a source mime type to a new
-	 *     destination mime type. By default maps HEIC/HEIF input to JPEG output.
-	 *
-	 *     @type string ...$0 The new mime type.
-	 * }
-	 * @param string $filename  Path to the image.
-	 * @param string $mime_type The source image mime type.
+	 * @param array<string, string> $output_format An array of mime type mappings. Maps a source mime type to a new
+	 *                                             destination mime type. By default maps HEIC/HEIF input to JPEG output.
+	 * @param string                $filename      Path to the image.
+	 * @param string                $mime_type     The source image mime type.
 	 */
 	return apply_filters( 'image_editor_output_format', $output_format, $filename, $mime_type );
 }

diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-autosaves-controller.php
@@ -425,7 +425,7 @@ public function create_post_autosave( $post_data, array $meta = array() ) {
 			$new_autosave['post_author'] = $user_id;
 
 			/** This action is documented in wp-admin/includes/post.php */
-			do_action( 'wp_creating_autosave', $new_autosave );
+			do_action( 'wp_creating_autosave', $new_autosave, true );
 
 			// wp_update_post() expects escaped array.
 			$revision_id = wp_update_post( wp_slash( $new_autosave ) );

diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-menus-controller.php
@@ -453,7 +453,7 @@ protected function handle_auto_add( $menu_id, $request ) {
 		$update = update_option( 'nav_menu_options', $nav_menu_option );
 
 		/** This action is documented in wp-includes/nav-menu.php */
-		do_action( 'wp_update_nav_menu', $menu_id );
+		do_action( 'wp_update_nav_menu', $menu_id, array() );
 
 		return $update;
 	}
-Original file line number
+Diff line change
@@ Expand Up / @@ -685,7 +685,7 @@ function twentyeleven_get_first_url() { @@
     	}
     	/** This filter is documented in wp-includes/link-template.php */
-    	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink() );
+    	return ( $has_url ) ? $has_url : apply_filters( 'the_permalink', get_permalink(), get_post() );
     }
     /**
@@ Expand Down @@