Themes: Use `esc_url()` for theme screenshots on the Themes screen.

This brings consistency with how screenshots are escaped elsewhere. Follow-up to [52020], [52947]. See #53370. Built from https://develop.svn.wordpress.org/trunk@52949 git-svn-id: http://core.svn.wordpress.org/trunk@52538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-18 13:44:03 +00:00 · 2022-03-18 13:44:03 +00:00 · fc469e56ca
parent 775ae0b5f6
commit fc469e56ca
2 changed files with 2 additions and 2 deletions
--- a/wp-admin/themes.php
+++ b/wp-admin/themes.php
@ -388,7 +388,7 @@ foreach ( $themes as $theme ) :
 <div class="theme<?php echo $active_class; ?>">
 	<?php if ( ! empty( $theme['screenshot'][0] ) ) { ?>
 		<div class="theme-screenshot">
-			<img src="<?php echo esc_attr( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" />
+			<img src="<?php echo esc_url( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" />
 		</div>
 	<?php } else { ?>
 		<div class="theme-screenshot blank"></div>
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -16,7 +16,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '6.0-alpha-52948';
+$wp_version = '6.0-alpha-52949';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.