Skip to content

Commit

Permalink
escaped html attributes
Browse files Browse the repository at this point in the history
  • Loading branch information
Konrad Karpieszuk committed Dec 28, 2021
1 parent 846c6f7 commit 540fb25
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions app/EditorBox/FrontEnd.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ private function render_add_image() {
?>
<form id="editor_box_add_image" method="post" enctype="multipart/form-data">
<?php wp_nonce_field( 'editor_box_img_nonce' ); ?>
<input type="file" id="ebox_image_select" name="<?php echo IMGINPUT; ?>" id="<?php echo IMGINPUT; ?>">
<input type="file" id="ebox_image_select" name="<?php echo esc_attr( IMGINPUT ); ?>" id="<?php echo esc_attr( IMGINPUT ); ?>">

</form>
<?php
Expand All @@ -78,7 +78,7 @@ function render_categories() {
<label for="editor_box_categories"><?php _e( 'Category', 'editor_box' ); ?></label>
<select name="editor_box_categories" class="one_third">
<?php foreach ( $categories as $category ) : ?>
<option value="<?php echo $category->term_id; ?>">
<option value="<?php echo esc_attr( $category->term_id ); ?>">
<?php echo esc_html($category->name ); ?>
</option>
<?php endforeach; ?>
Expand Down

0 comments on commit 540fb25

Please sign in to comment.