From e2d3bdf615383a58c6453ff170536664e71a15bb Mon Sep 17 00:00:00 2001 From: Gary Pendergast Date: Mon, 20 Apr 2015 06:27:25 +0000 Subject: [PATCH] Correctly escape theme version numbers when displaying them. Props collinsinternet. Built from https://develop.svn.wordpress.org/trunk@32170 git-svn-id: http://core.svn.wordpress.org/trunk@32145 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/themes.php | 2 +- wp-includes/class-wp-theme.php | 3 +++ wp-includes/version.php | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/wp-admin/themes.php b/wp-admin/themes.php index 3f59f2ab03..45776cc967 100644 --- a/wp-admin/themes.php +++ b/wp-admin/themes.php @@ -378,7 +378,7 @@ $can_delete = current_user_can( 'delete_themes' ); <# if ( data.active ) { #> <# } #> -

{{{ data.name }}}

+

{{{ data.name }}}

<# if ( data.hasUpdate ) { #> diff --git a/wp-includes/class-wp-theme.php b/wp-includes/class-wp-theme.php index 523c7339c4..b0115aef60 100644 --- a/wp-includes/class-wp-theme.php +++ b/wp-includes/class-wp-theme.php @@ -636,6 +636,9 @@ final class WP_Theme implements ArrayAccess { case 'Tags' : $value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) ); break; + case 'Version' : + $value = strip_tags( $value ); + break; } return $value; diff --git a/wp-includes/version.php b/wp-includes/version.php index 5ef9c7e1da..29ba526f61 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.2-RC1-32168'; +$wp_version = '4.2-RC1-32170'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.