Ticket #11514: sanitze.diff

File sanitze.diff, 407 bytes (added by petervanderdoes, 6 years ago)

Adds sanitization of name and class

  • wp-includes/category-template.php

     
    456456        extract( $r ); 
    457457 
    458458        $categories = get_categories( $r ); 
     459        $name = esc_attr($name); 
     460        $class = esc_attr($class); 
    459461 
    460462        $output = ''; 
    461463        if ( $title_li && 'list' == $style )
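Review bot: The two added lines (new 459 and 460) overwrite the extracted locals with their attribute-escaped form straight after get_categories(), well before the point where they are printed, so the escaping is invisible at the output site and any later use of $name or $class that is not an HTML attribute would receive already-escaped text. Consider leaving the locals raw and calling esc_attr( $name ) and esc_attr( $class ) inline where the attributes are concatenated into $output, which sits outside this hunk. Note also that only the locals change: $r was already passed to get_categories() and still holds the unescaped values, so any code reading $r['name'] or $r['class'] is not covered. Style: the surrounding context uses spaces inside call parentheses, as in extract( $r ) and get_categories( $r ), so the new calls should read esc_attr( $name ) and esc_attr( $class ).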