Ticket #44880: 44880.diff
| File 44880.diff, 1.0 KB (added by , 7 years ago) |
|---|
-
src/wp-includes/class-walker-category.php
146 146 if ( empty( $args['feed_image'] ) ) { 147 147 $link .= $name; 148 148 } else { 149 $link .= "<img src='" . $args['feed_image']. "'$alt" . ' />';149 $link .= "<img src='" . esc_url( $args['feed_image'] ) . "'$alt" . ' />'; 150 150 } 151 151 $link .= '</a>'; 152 152 … … 203 203 * @param int $depth Depth of page, used for padding. 204 204 * @param array $args An array of wp_list_categories() arguments. 205 205 */ 206 $css_classes = implode( ' ', a pply_filters( 'category_css_class', $css_classes, $category, $depth, $args) );206 $css_classes = implode( ' ', array_map( 'sanitize_html_class', apply_filters( 'category_css_class', $css_classes, $category, $depth, $args ) ) ); 207 207 208 208 $output .= ' class="' . $css_classes . '"'; 209 209 $output .= ">$link\n";