asc/sportspress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Escape using wp_kses_post() than esc_html() function

Browse Source
This commit is contained in:
savvasha
2021-11-07 06:50:17 +02:00
parent 52a074b586
commit e89ac79c7c
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
includes/class-sp-shortcodes.php
View File

@@ -66,9 +66,9 @@ class SP_Shortcodes {
$before = empty( $wrapper['before'] ) ? '<div class="' . esc_attr( $wrapper['class'] ) . '">' : $wrapper['before']; $before = empty( $wrapper['before'] ) ? '<div class="' . esc_attr( $wrapper['class'] ) . '">' : $wrapper['before'];
$after = empty( $wrapper['after'] ) ? '</div>' : $wrapper['after']; $after = empty( $wrapper['after'] ) ? '</div>' : $wrapper['after'];
echo esc_html( $before ); echo wp_kses_post( $before );
call_user_func( $function, $atts ); call_user_func( $function, $atts );
echo esc_html( $after ); echo wp_kses_post( $after );
return ob_get_clean(); return ob_get_clean();
} }