10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- fixed using esc_attr() in href="" attributes;

Browse Source
This commit is contained in:
Mykyta Synelnikov
2024-03-27 11:06:02 +02:00
parent 5b79b03be7
commit d48bcac683
9 changed files with 44 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/um-short-functions.php
+1 -1
View File
@@ -870,7 +870,7 @@ function um_user_submited_display( $k, $title, $data = array(), $style = true )
}
if ( ! empty( $filedata['original_name'] ) ) {
$v = '<a class="um-preview-upload" target="_blank" href="' . esc_attr( $baseurl . um_user( 'ID' ) . '/' . $file ) . '">' . esc_html( $filedata['original_name'] ) . '</a>';
$v = '<a class="um-preview-upload" target="_blank" href="' . esc_url( $baseurl . um_user( 'ID' ) . '/' . $file ) . '">' . esc_html( $filedata['original_name'] ) . '</a>';
} else {
$v = $baseurl . um_user( 'ID' ) . '/' . $file;
}