sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use esc_attr() for attributes. Props johnjamesjacoby. fixes #22327

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@22373 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2012-11-05 18:04:50 +00:00
parent 52e69011ad
commit b9890981c5
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/includes/template.php
View File

@ -1113,7 +1113,7 @@ function do_settings_fields($page, $section) {
foreach ( (array) $wp_settings_fields[$page][$section] as $field ) {
echo '<tr valign="top">';
if ( !empty($field['args']['label_for']) )
echo '<th scope="row"><label for="' . $field['args']['label_for'] . '">' . $field['title'] . '</label></th>';
echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . $field['title'] . '</label></th>';
else
echo '<th scope="row">' . $field['title'] . '</th>';
echo '<td>';