Skip to content
Permalink
Browse files Browse the repository at this point in the history
Escaping result of wp_nonce_url, since it does not use proper esc_url…
  • Loading branch information
Scott Dunham committed Apr 27, 2015
1 parent 47ab980 commit b14c1f6
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions resend-welcome-email.php
Expand Up @@ -124,10 +124,10 @@ public static function define_notice() {
*/
public static function send_welcome_email_url( WP_User $user ) {

return wp_nonce_url( add_query_arg( array(
return esc_url(wp_nonce_url( add_query_arg( array(
'action' => 'resend_welcome_email',
'user_id' => $user->ID
), '') , "send_welcome_email_{$user->ID}" );
), '') , "send_welcome_email_{$user->ID}" ));

}

Expand Down

0 comments on commit b14c1f6

Please sign in to comment.