asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape output vars of Admin Settings pages

Browse Source
This commit is contained in:
savvasha
2021-11-06 09:19:11 +02:00
parent 54eeca28e8
commit 0c9a9dc104
9 changed files with 51 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
includes/admin/settings/class-sp-settings-general.php
View File

@@ -356,13 +356,13 @@ class SP_Settings_General extends SP_Settings_Page {
<fieldset>
<?php foreach ( $color_schemes as $name => $colors ) { ?>
<div class="color-option sp-color-option">
<label data-sp-colors="<?php echo implode( ',', $colors ); ?>"><?php echo $name; ?></label>
<label data-sp-colors="<?php echo implode( ',', $colors ); ?>"><?php echo esc_attr( $name ); ?></label>
<table class="color-palette">
<tbody>
<tr>
<td style="background-color: #<?php echo $colors[0]; ?>">&nbsp;</td>
<td style="background-color: #<?php echo $colors[0]; ?>">&nbsp;</td>
<td style="background-color: #<?php echo $colors[4]; ?>">&nbsp;</td>
<td style="background-color: #<?php echo esc_attr( $colors[0] ); ?>">&nbsp;</td>
<td style="background-color: #<?php echo esc_attr( $colors[0] ); ?>">&nbsp;</td>
<td style="background-color: #<?php echo esc_attr( $colors[4] ); ?>">&nbsp;</td>
</tr>
</tbody>
</table>