Make WordPress Core


Ignore:
Timestamp:
06/17/2021 02:35:59 PM (3 years ago)
Author:
SergeyBiryukov
Message:

Administration: Consistently escape admin_url() links.

Props chintan1896, mukesh27.
Fixes #53426.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/freedoms.php

    r50523 r51177  
    2626    <div class="about__header">
    2727        <div class="about__header-image">
    28             <img alt="<?php _e( 'Code is Poetry' ); ?>" src="<?php echo admin_url( 'images/about-badge.svg' ); ?>" />
     28            <img alt="<?php _e( 'Code is Poetry' ); ?>" src="<?php echo esc_url( admin_url( 'images/about-badge.svg' ) ); ?>" />
    2929        </div>
    3030
Note: See TracChangeset for help on using the changeset viewer.