Make WordPress Core

Changeset 55682


Ignore:
Timestamp:
04/24/2023 04:42:19 PM (11 months ago)
Author:
audrasjb
Message:

Coding Standards: Escape edit profile URL in default_password_nag().

Props utsav72640, mukesh27.
Fixes #58182.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/user.php

    r55592 r55682  
    532532    _e( 'You’re using the auto-generated password for your account. Would you like to change it?' );
    533533    echo '</p><p>';
    534     printf( '<a href="%s">' . __( 'Yes, take me to my profile page' ) . '</a> | ', get_edit_profile_url() . '#password' );
     534    printf( '<a href="%s">' . __( 'Yes, take me to my profile page' ) . '</a> | ', esc_url( get_edit_profile_url() . '#password' ) );
    535535    printf( '<a href="%s" id="default-password-nag-no">' . __( 'No thanks, do not remind me again' ) . '</a>', '?default_password_nag=0' );
    536536    echo '</p></div>';
Note: See TracChangeset for help on using the changeset viewer.