diff --git a/wp-includes/html-api/class-wp-html-tag-processor.php b/wp-includes/html-api/class-wp-html-tag-processor.php
index 5ba8aebc03..ec9e2c4391 100644
--- a/wp-includes/html-api/class-wp-html-tag-processor.php
+++ b/wp-includes/html-api/class-wp-html-tag-processor.php
@@ -2972,8 +2972,16 @@ class WP_HTML_Tag_Processor {
if ( true === $value ) {
$updated_attribute = $name;
} else {
+ $tag_name = $this->get_tag();
+ $comparable_name = strtolower( $name );
+
+ /*
+ * Escape URL attributes.
+ *
+ * @see https://html.spec.whatwg.org/#attributes-3
+ */
$escaped_new_value = esc_attr( $value );
- $updated_attribute = "{$name}=\"{$escaped_new_value}\"";
+ $updated_attribute = wp_kses_one_attr( "{$comparable_name}=\"{$escaped_new_value}\"", $tag_name );
}
/*
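Review bot: The new `wp_kses_one_attr()` call on the `$updated_attribute` line passes every string-valued attribute through the kses allowlist, not only URL attributes as the added comment says. That function filters against the allowed-HTML list for the given element, so an attribute the list does not permit for `$tag_name` (a custom attribute, or any attribute on an element absent from the list) would presumably come back as an empty string and be silently dropped rather than set. The attribute name is also now written lower-cased instead of as the caller passed it. If the aim is to neutralise unsafe URL schemes in attributes such as `href` and `src`, a narrower form keeps the earlier behaviour for everything else: `$escaped_new_value = in_array( $comparable_name, wp_kses_uri_attributes(), true ) ? esc_url( $value ) : esc_attr( $value );` followed by the original `$updated_attribute = "{$name}=\"{$escaped_new_value}\"";`. The enclosing method starts and ends outside this hunk, so whether later code copes with an empty `$updated_attribute` or a null `get_tag()` result is not visible here.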
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 4d58f5da4f..46455a91d6 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
*
* @global string $wp_version
*/
-$wp_version = '6.6-beta3-58471';
+$wp_version = '6.6-beta3-58472';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.