From 171d84103b4b719c95b734619c7351cf05b756a9 Mon Sep 17 00:00:00 2001
From: Remco Tolsma <869674+remcotolsma@users.noreply.github.com>
Date: Wed, 11 Oct 2023 14:50:41 +0200
Subject: [PATCH] Use `wp_kses` to allow only element.
---
src/Integration.php | 27 +++++++++++++++++----------
1 file changed, 17 insertions(+), 10 deletions(-)
diff --git a/src/Integration.php b/src/Integration.php
index 06b599c..aa7128a 100644
--- a/src/Integration.php
+++ b/src/Integration.php
@@ -406,17 +406,24 @@ public function get_settings_fields() {
'title' => \__( 'Authentication', 'pronamic_ideal' ),
'type' => 'custom',
'callback' => function () {
- \printf(
- /* translators: %s: Pronamic Pay settings page URL. */
- __( 'Go to the Pronamic Pay settings page for webhook authentication settings.', 'pronamic_ideal' ),
- \esc_url(
- \add_query_arg(
- [
- 'page' => 'pronamic_pay_settings',
- ],
- \admin_url( 'admin.php' )
+ echo \wp_kses(
+ \sprintf(
+ /* translators: %s: Pronamic Pay settings page URL. */
+ __( 'Go to the Pronamic Pay settings page for webhook authentication settings.', 'pronamic_ideal' ),
+ \esc_url(
+ \add_query_arg(
+ [
+ 'page' => 'pronamic_pay_settings',
+ ],
+ \admin_url( 'admin.php' )
+ )
)
- )
+ ),
+ [
+ 'a' => [
+ 'href' => true,
+ ],
+ ]
);
},
];