WordPress.org

Make WordPress Core

Ticket #16507: 16507.diff

File 16507.diff, 416 bytes (added by kawauso, 7 years ago)

Patched with wp_kses_normalize_entities() since theme names go through kses

  • wp-admin/theme-editor.php

     
    4545if (empty($theme)) {
    4646        $theme = get_current_theme();
    4747} else {
    48         $theme = stripslashes($theme);
     48        $theme = wp_kses_normalize_entities( stripslashes( $theme ) );
    4949}
    5050
    5151if ( ! isset($themes[$theme]) )