Index: /trunk/src/wp-includes/default-widgets.php
===================================================================
--- /trunk/src/wp-includes/default-widgets.php (revision 33812)
+++ /trunk/src/wp-includes/default-widgets.php (revision 33813)
@@ -79,5 +79,5 @@
 public function update( $new_instance, $old_instance ) {
 $instance = $old_instance;
- $instance['title'] = strip_tags($new_instance['title']);
+ $instance['title'] = sanitize_text_field( $new_instance['title'] );
 if ( in_array( $new_instance['sortby'], array( 'post_title', 'menu_order', 'ID' ) ) ) {
 $instance['sortby'] = $new_instance['sortby'];
@@ -86,5 +86,5 @@
 }
- $instance['exclude'] = strip_tags( $new_instance['exclude'] );
+ $instance['exclude'] = sanitize_text_field( $new_instance['exclude'] );
 return $instance;
@@ -97,11 +97,12 @@
 //Defaults
 $instance = wp_parse_args( (array) $instance, array( 'sortby' => 'post_title', 'title' => '', 'exclude' => '') );
- $title = esc_attr( $instance['title'] );
- $exclude = esc_attr( $instance['exclude'] );
 ?>
-
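Review bot: The allow-list check on `sortby` in the `@@ -79,5 +79,5 @@` hunk still calls in_array() without the strict flag, so the comparison is loose; on PHP versions before 8 an integer 0 compares equal to each of these non-numeric strings and would be stored as the sort key. Because this line decides which submitted value is persisted, pass the third argument: `if ( in_array( $new_instance['sortby'], array( 'post_title', 'menu_order', 'ID' ), true ) ) {`. The commit leaves this context line unchanged, and update() continues past the end of the hunk, so the fallback branch is not visible here.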
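Review bot: In the `@@ -86,5 +86,5 @@` hunk `exclude` is still stored as free text, since sanitize_text_field() strips tags, line breaks and extra whitespace but does not constrain the value to the shape its consumer expects. If, as the name suggests, the setting holds a comma-separated list of page IDs (the form markup is not legible on this page, so this is an assumption), normalising it on save is stricter: `$instance['exclude'] = implode( ',', array_filter( wp_parse_id_list( $new_instance['exclude'] ) ) );`. That stores only positive integers, so nothing else can reach whatever query argument later reads the setting. This does not apply to `title` in the first hunk, which is genuinely free text.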
- -
++ +
-
+
+