Ticket #22327: 22327.patch

wp-admin/includes/template.php

@@ -1077 +1077 @@
 
         foreach ( (array) $wp_settings_sections[$page] as $section ) {
                 if ( $section['title'] )
-                        echo "<h3>{$section['title']}</h3>\n";
+                        echo '<h3>' . esc_html( $section['title'] ) . "</h3>\n";
 
                 if ( $section['callback'] )
                         call_user_func( $section['callback'], $section );
@@ -1113 +1113 @@
         foreach ( (array) $wp_settings_fields[$page][$section] as $field ) {
                 echo '<tr valign="top">';
                 if ( !empty($field['args']['label_for']) )
-                        echo '<th scope="row"><label for="' . $field['args']['label_for'] . '">' . $field['title'] . '</label></th>';
+                        echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . esc_html( $field['title'] ) . '</label></th>';
                 else
-                        echo '<th scope="row">' . $field['title'] . '</th>';
+                        echo '<th scope="row">' . esc_html( $field['title'] ) . '</th>';
                 echo '<td>';
                 call_user_func($field['callback'], $field['args']);
                 echo '</td>';