WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Avoid possible XSS when displaying the list of invalid plugins fixes #6871 for trunk props xknown. 

git-svn-id: http://svn.automattic.com/wordpress/trunk@8499 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
westi 2008-07-30 06:38:40 +00:00
parent 563e470237
commit 4134153d89
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-admin/plugins.php
View File

@ -168,7 +168,7 @@ require_once('admin-header.php');
$invalid = validate_active_plugins();
if( !empty($invalid) )
foreach($invalid as $plugin_file => $error)
echo '<div id="message" class="error"><p>' . sprintf(__('The plugin <code>%s</code> has been <strong>deactivated</strong> due to an error: %s'), $plugin_file, $error->get_error_message()) . '</p></div>';
echo '<div id="message" class="error"><p>' . sprintf(__('The plugin <code>%s</code> has been <strong>deactivated</strong> due to an error: %s'), wp_specialchars($plugin_file), $error->get_error_message()) . '</p></div>';
?>
<?php if ( isset($_GET['error']) ) : ?>