Make WordPress Core


Ignore:
Timestamp:
08/15/2014 05:16:16 PM (10 years ago)
Author:
ocean90
Message:

Plugin details: Escape the donate link.

see #27440.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/plugin-install.php

    r29474 r29506  
    373373
    374374    iframe_header( __( 'Plugin Install' ) );
    375    
     375
    376376    $_with_banner = '';
    377377
     
    441441            <li><a target="_blank" href="<?php echo esc_url( $api->homepage ); ?>"><?php _e( 'Plugin Homepage &#187;' ); ?></a></li>
    442442        <?php } if ( ! empty( $api->donate_link ) && empty( $api->contributors ) ) { ?>
    443             <li><a target="_blank" href="<?php echo $api->donate_link ?>"><?php _e( 'Donate to this plugin &#187;' ); ?></a></li>
     443            <li><a target="_blank" href="<?php echo esc_url( $api->donate_link ); ?>"><?php _e( 'Donate to this plugin &#187;' ); ?></a></li>
    444444        <?php } ?>
    445445        </ul>
Note: See TracChangeset for help on using the changeset viewer.