diff --git a/src/wp-admin/includes/user.php b/src/wp-admin/includes/user.php index e3a8f6008f..6780824de8 100644 --- a/src/wp-admin/includes/user.php +++ b/src/wp-admin/includes/user.php @@ -531,7 +531,7 @@ function default_password_nag() { echo '' . __( 'Notice:' ) . ' '; _e( 'You’re using the auto-generated password for your account. Would you like to change it?' ); echo '

'; - printf( '' . __( 'Yes, take me to my profile page' ) . ' | ', get_edit_profile_url() . '#password' ); + printf( '' . __( 'Yes, take me to my profile page' ) . ' | ', esc_url( get_edit_profile_url() . '#password' ) ); printf( '' . __( 'No thanks, do not remind me again' ) . '', '?default_password_nag=0' ); echo '

'; }