
Ticket #53899: 53899.diff

File 53899.diff, 650 bytes (added by vishitshah, 3 years ago)
  • wp-admin/themes.php

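diff --git a/wp-admin/themes.php b/wp-admin/themes.php
index 87b1b6db7a..fbccfae4fb 100644
--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@@ -371,10 +371,10 @@ foreach ( $themes as $theme ) :
                 $active_class = ' active';
         }
         ?>
-<div class="theme<?php echo $active_class; ?>">
+<div class="theme<?php echo esc_attr( $active_class ); ?>">
         <?php if ( ! empty( $theme['screenshot'][0] ) ) { ?>
                 <div class="theme-screenshot">
-                        <img src="<?php echo $theme['screenshot'][0]; ?>" alt="" />
+                        <img src="<?php echo esc_url( $theme['screenshot'][0] ); ?>" alt="" />
                 </div>
         <?php } else { ?>
                 <div class="theme-screenshot blank"></div>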
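Review bot: The `! empty( $theme['screenshot'][0] )` guard on line 375 still tests the raw value, while the new `esc_url()` call on line 377 returns an empty string for a URL whose scheme it rejects, so such a theme renders `<img src="" />` instead of falling through to the `theme-screenshot blank` branch. Escaping once and branching on the result keeps the two in step: `$screenshot_url = ! empty( $theme['screenshot'][0] ) ? esc_url( $theme['screenshot'][0] ) : '';` before the markup, then `if ( $screenshot_url )` and `echo $screenshot_url;`. The `esc_attr()` on `$active_class` is harmless hardening, since the visible assignment is the literal `' active'`. The `foreach` body starts and ends outside this hunk, so any other `$theme[...]` echoes in the loop are not covered by this review.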