diff --git a/wp-admin/includes/plugin-install.php b/wp-admin/includes/plugin-install.php
index b809d276ad..e2f4e7e932 100644
--- a/wp-admin/includes/plugin-install.php
+++ b/wp-admin/includes/plugin-install.php
@@ -86,8 +86,8 @@ add_action('install_plugins_search', 'install_search', 10, 1);
 * @param string $page
 */
 function install_search($page) {
- $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
- $term = isset($_REQUEST['s']) ? $_REQUEST['s'] : '';
+ $type = isset($_REQUEST['type']) ? stripslashes( $_REQUEST['type'] ) : '';
+ $term = isset($_REQUEST['s']) ? stripslashes( $_REQUEST['s'] ) : '';
 $args = array();
@@ -162,8 +162,8 @@ function install_dashboard() {
 * @since 2.7.0
 */
 function install_search_form(){
- $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
- $term = isset($_REQUEST['s']) ? $_REQUEST['s'] : '';
+ $type = isset($_REQUEST['type']) ? stripslashes( $_REQUEST['type'] ) : '';
+ $term = isset($_REQUEST['s']) ? stripslashes( $_REQUEST['s'] ) : '';
 ?>
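Review bot: In `install_search()`, the new `stripslashes( $_REQUEST['type'] )` and `stripslashes( $_REQUEST['s'] )` calls assume the request values are strings, but a parameter sent in array form reaches `stripslashes()` as an array, which it rejects (a warning and a null result on older PHP, a TypeError on PHP 8). A guard such as `$term = ( isset( $_REQUEST['s'] ) && is_string( $_REQUEST['s'] ) ) ? stripslashes( $_REQUEST['s'] ) : '';` keeps both values strings, and the same two lines in `install_search_form()` in the second hunk need it as well. After this change `$type` and `$term` hold the raw, unslashed request text, so wherever they are used further down in either function (both bodies continue outside the hunks) they should be escaped for the output context, for example attribute escaping if `$term` is printed back into the search form. A one-line comment above the assignments, such as `// Request data arrives slashed; unslash here, treat as untrusted and escape on output.`, would record why the call is there.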