[wp-trac] [WordPress Trac] #54255: Use esc_html() to escaping variable in about page
WordPress Trac
noreply at wordpress.org
Wed Oct 13 10:36:42 UTC 2021
#54255: Use esc_html() to escaping variable in about page
--------------------------+-----------------------------
Reporter: sayedulsayem | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: trunk
Severity: normal | Keywords:
Focuses: ui |
--------------------------+-----------------------------
On about.php there is a variable echo without escaping. like
{{{
<?php echo $display_version; ?>
}}}
to print the WordPress version. On others file, this kind of print use
esc_html() escaping.
It should have to use there also.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54255>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list