From d809dcd103ccf5aa4fbb7733c9913b1d6e3a51d1 Mon Sep 17 00:00:00 2001
From: Ryan Boren
Date: Wed, 13 Feb 2008 18:14:38 +0000
Subject: [PATCH] Add a prophylactic specialchars to the object in explain nonce. see #5838
git-svn-id: https://develop.svn.wordpress.org/trunk@6817 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/functions.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 0387757cb5..6dff0f7bf0 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1256,7 +1256,7 @@ function wp_explain_nonce( $action ) {
 $object = $matches[4];
 if ( 'use_id' != $lookup )
 $object = call_user_func( $lookup, $object );
- return sprintf( $trans[$verb][$noun][0], $object );
+ return sprintf( $trans[$verb][$noun][0], wp_specialchars($object) );
 } else {
 return $trans[$verb][$noun][0];
 }
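Review bot: The escape added on the `return sprintf(...)` line calls `wp_specialchars()` with its default quote handling, which as far as I recall leaves `"` and `'` unencoded, so the result is safe only as element text; if any caller can place the explained string inside an attribute value, pass the quotes argument, e.g. `return sprintf( $trans[$verb][$noun][0], wp_specialchars( $object, 1 ) );`. `$object` is taken from `$matches[4]` or from the `$lookup` callback, so it presumably carries request- or database-derived text, and a one-line comment such as `// $object comes from the action string or a lookup callback; escape it before it reaches HTML output.` would record why the escape sits at this point. The new call also drops the inner spacing used by `call_user_func( $lookup, $object )` one line up. The body of wp_explain_nonce starts and ends outside this hunk, so how `$matches` is populated and where the return value is printed cannot be confirmed from here.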