From 6ba0632330518b1b7dab579507106ca651e404f7 Mon Sep 17 00:00:00 2001
From: Rajinsharwar <rajinsharwar@gmail.com>
Date: Fri, 18 Aug 2023 20:45:42 +0600
Subject: [PATCH] Escaping the variables properly
---
src/wp-admin/revision.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/wp-admin/revision.php b/src/wp-admin/revision.php
index 458a749262..eac6d697eb 100644
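--- a/src/wp-admin/revision.php
+++ b/src/wp-admin/revision.php
@@ -104,10 +104,10 @@ switch ( $action ) {
 }
 
 $post_edit_link = get_edit_post_link();
-$post_title = '<a href="' . $post_edit_link . '">' . _draft_or_post_title() . '</a>';
+$post_title = '<a href="' . esc_url($post_edit_link) . '">' . esc_html(_draft_or_post_title()) . '</a>';
 /* translators: %s: Post title. */
 $h1 = sprintf( __( 'Compare Revisions of “%s”' ), $post_title );
-$return_to_post = '<a href="' . $post_edit_link . '">' . __( '← Go to editor' ) . '</a>';
+$return_to_post = '<a href="' . esc_url($post_edit_link) . '">' . __( '← Go to editor' ) . '</a>';
 // Used in the HTML title tag.
 $title = __( 'Revisions' );
 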
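Review bot: On new line 110 the link text still comes from `__( '← Go to editor' )` unescaped, so that line escapes the URL but not the translated label; `esc_html__( '← Go to editor' )` would cover it. The added calls also drop the inner-parenthesis spacing the surrounding lines use (`sprintf( __( ... ), $post_title )`), so `esc_url( $post_edit_link )` and `esc_html( _draft_or_post_title() )` would match the file's style. `_draft_or_post_title()` is defined outside this hunk; if it already returns escaped text, as I believe it does in core, the extra `esc_html()` is redundant rather than harmful and deserves a one-line comment saying so. Where `$h1` and `$return_to_post` are finally echoed is not visible here, so it is worth confirming nothing downstream escapes them a second time.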