Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-01-09 09:57:38 +01:00
Code Issues Projects Releases Wiki Activity

Themes: Use esc_url() for theme screenshots on the Themes screen.

Browse Source 
This brings consistency with how screenshots are escaped elsewhere.

Follow-up to [52020], [52947].

See #53370.
Built from https://develop.svn.wordpress.org/trunk@52949


git-svn-id: http://core.svn.wordpress.org/trunk@52538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2022-03-18 13:44:03 +00:00
parent 775ae0b5f6
commit fc469e56ca
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/themes.php
View File

@ -388,7 +388,7 @@ foreach ( $themes as $theme ) :
<div class="theme<?php echo $active_class; ?>"> <div class="theme<?php echo $active_class; ?>">
<?php if ( ! empty( $theme['screenshot'][0] ) ) { ?> <?php if ( ! empty( $theme['screenshot'][0] ) ) { ?>
<div class="theme-screenshot"> <div class="theme-screenshot">
<img src="<?php echo esc_attr( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" /> <img src="<?php echo esc_url( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" />
</div> </div>
<?php } else { ?> <?php } else { ?>
<div class="theme-screenshot blank"></div> <div class="theme-screenshot blank"></div>

2
wp-includes/version.php
View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.0-alpha-52948'; $wp_version = '6.0-alpha-52949';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.