Ticket #20125: 20125.diff
| File 20125.diff, 788 bytes (added by , 14 years ago) |
|---|
-
wp-admin/includes/template.php
1266 1266 1267 1267 $output = ''; 1268 1268 foreach ( $settings_errors as $key => $details ) { 1269 $css_id = 'setting-error-' . $details['code'];1270 $css_class = $details['type']. ' settings-error';1269 $css_id = 'setting-error-' . esc_attr( $details['code'] ); 1270 $css_class = esc_attr( $details['type'] ) . ' settings-error'; 1271 1271 $output .= "<div id='$css_id' class='$css_class'> \n"; 1272 $output .= "<p><strong> {$details['message']}</strong></p>";1272 $output .= "<p><strong>" . wp_kses_data( $details['message'] ) . "</strong></p>"; 1273 1273 $output .= "</div> \n"; 1274 1274 } 1275 1275 echo $output;