From 169a73aaedb32925be4e527de1f2e9d79face79d Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Thu, 28 Feb 2019 12:07:20 +0000 Subject: [PATCH] Privacy: Escape Privacy Policy guide URL in in Privacy Policy edit page notice. Props itowhid06, garrett-eclipse. Fixes #44761. git-svn-id: https://develop.svn.wordpress.org/trunk@44779 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-admin/includes/misc.php | 2 +- src/wp-admin/privacy.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/wp-admin/includes/misc.php b/src/wp-admin/includes/misc.php index c3c2ae5f10..8a3be1093d 100644 --- a/src/wp-admin/includes/misc.php +++ b/src/wp-admin/includes/misc.php @@ -1644,7 +1644,7 @@ final class WP_Privacy_Policy_Content { /* translators: 1: Privacy Policy guide URL, 2: additional link attributes, 3: accessibility text */ printf( __( 'Need help putting together your new Privacy Policy page? Check out our guide%3$s for recommendations on what content to include, along with policies suggested by your plugins and theme.' ), - admin_url( 'tools.php?wp-privacy-policy-guide=1' ), + esc_url( admin_url( 'tools.php?wp-privacy-policy-guide=1' ) ), 'target="_blank"', sprintf( ' %s', diff --git a/src/wp-admin/privacy.php b/src/wp-admin/privacy.php index 3b6933df33..557e4a4187 100644 --- a/src/wp-admin/privacy.php +++ b/src/wp-admin/privacy.php @@ -182,7 +182,7 @@ require_once( ABSPATH . 'wp-admin/admin-header.php' ); printf( /* translators: 1: Privacy Policy guide URL, 2: additional link attributes, 3: accessibility text */ __( 'Need help putting together your new Privacy Policy page? Check out our guide%3$s for recommendations on what content to include, along with policies suggested by your plugins and theme.' ), - admin_url( 'tools.php?wp-privacy-policy-guide' ), + esc_url( admin_url( 'tools.php?wp-privacy-policy-guide' ) ), '', '' );