diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index b29b941d5d..e0b8cb8fd9 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1175,7 +1175,7 @@ function is_blog_installed() {
  */
 function wp_nonce_url( $actionurl, $action = -1, $name = '_wpnonce' ) {
 	$actionurl = str_replace( '&', '&', $actionurl );
-	return esc_url( add_query_arg( $name, wp_create_nonce( $action ), $actionurl ) );
+	return esc_html( add_query_arg( $name, wp_create_nonce( $action ), $actionurl ) );
 }
 
 /**