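--- a/src/wp-admin/includes/plugin-install.php
+++ b/src/wp-admin/includes/plugin-install.php
@@ -342,7 +342,7 @@ function install_plugins_upload() {
 ?>
 <div class="upload-plugin">
 <p class="install-help"><?php _e( 'If you have a plugin in a .zip format, you may install or update it by uploading it here.' ); ?></p>
-<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo self_admin_url( 'update.php?action=upload-plugin' ); ?>">
+<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo esc_url( self_admin_url( 'update.php?action=upload-plugin' ) ); ?>">
 <?php wp_nonce_field( 'plugin-upload' ); ?>
 <label class="screen-reader-text" for="pluginzip"><?php _e( 'Plugin zip file' ); ?></label>
 <input type="file" id="pluginzip" name="pluginzip" accept=".zip" />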
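Review bot: The translated strings on the context lines around this form are still echoed with `_e()`, so after the `action` attribute moves to late escaping the markup is only partly escaped at output. If these translations are not meant to carry markup, `<?php esc_html_e( 'Plugin zip file' ); ?>` for the label, and the same call for the `install-help` paragraph, would match the `esc_url()` change; the theme form in `theme-install.php` has the same two `_e()` calls. Note also that `esc_url()` returns an empty string for a URL with a disallowed scheme, so if a filter on the admin URL ever produced one the form would render `action=""` and post back to the current page. `install_plugins_upload()` starts and ends outside the hunk.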
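--- a/src/wp-admin/includes/theme-install.php
+++ b/src/wp-admin/includes/theme-install.php
@@ -182,7 +182,7 @@ function install_themes_dashboard() {
 function install_themes_upload() {
 ?>
 <p class="install-help"><?php _e( 'If you have a theme in a .zip format, you may install or update it by uploading it here.' ); ?></p>
-<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo self_admin_url( 'update.php?action=upload-theme' ); ?>">
+<form method="post" enctype="multipart/form-data" class="wp-upload-form" action="<?php echo esc_url( self_admin_url( 'update.php?action=upload-theme' ) ); ?>">
 <?php wp_nonce_field( 'theme-upload' ); ?>
 <label class="screen-reader-text" for="themezip"><?php _e( 'Theme zip file' ); ?></label>
 <input type="file" id="themezip" name="themezip" accept=".zip" />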