Make WordPress Core

Ticket #44916: 44916.2.diff

File 44916.2.diff, 573 bytes (added by welcher, 6 years ago)

Adds late escaping

  • src/wp-includes/class-walker-nav-menu.php

    diff --git src/wp-includes/class-walker-nav-menu.php src/wp-includes/class-walker-nav-menu.php
    index f46f14c177..3a610a5baa 100644
    class Walker_Nav_Menu extends Walker { 
    222222
    223223                $item_output  = $args->before;
    224224                $item_output .= '<a' . $attributes . '>';
    225                 $item_output .= $args->link_before . $title . $args->link_after;
     225                $item_output .= $args->link_before . esc_html( $title ) . $args->link_after;
    226226                $item_output .= '</a>';
    227227                $item_output .= $args->after;
    228228