Fix XSS issues in options form by properly using esc_attr(). #1

Merged
merged 1 commit into from Feb 3, 2012

Conversation

Projects
None yet
2 participants
Contributor

markjaquith commented Feb 3, 2012

The options form directly echoes get_option() output. Instead, it should use esc_attr() to protect against XSS.

nicdev added a commit that referenced this pull request Feb 3, 2012

Merge pull request #1 from markjaquith/xss-esc_attr
Fix XSS issues in options form by properly using esc_attr().

@nicdev nicdev merged commit 6f33970 into nicdev:master Feb 3, 2012

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment