From c0613204695bc3b80e48ad1794333957ba71c9bb Mon Sep 17 00:00:00 2001 From: potreb <potreb@gmail.com> Date: Wed, 15 Sep 2021 12:17:59 +0200 Subject: [PATCH] fix: escaping --- templates/input-image.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/input-image.php b/templates/input-image.php index af9f792..cb9ae95 100644 --- a/templates/input-image.php +++ b/templates/input-image.php @@ -7,7 +7,7 @@ $media_container_id = 'media_' . sanitize_key( $field->get_id() ); ?> -<div class="media-input-wrapper" id="<?php echo $media_container_id; ?>"> +<div class="media-input-wrapper" id="<?php echo esc_attr( $media_container_id ); ?>"> <input type="hidden" class="image-field-value" value="<?php echo \esc_html( $value ); ?>" name="<?php echo \esc_attr( $name_prefix ) . '[' . \esc_attr( $field->get_name() ) . ']'; ?>" id="<?php echo \esc_attr( $field->get_id() ); ?>"/> -- GitLab