Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
04/20/2015 03:38:54 PM (10 years ago)
Author:
johnjamesjacoby
Message:

All: make sure URL variables are escaped (trunk)

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-core/admin/bp-core-admin-settings.php

    r9551 r9772  
    243243        <h2 class="nav-tab-wrapper"><?php bp_core_admin_tabs( __( 'Settings', 'buddypress' ) ); ?></h2>
    244244
    245         <form action="<?php echo $form_action ?>" method="post">
     245        <form action="<?php echo esc_url( $form_action ) ?>" method="post">
    246246
    247247            <?php settings_fields( 'buddypress' ); ?>
Note: See TracChangeset for help on using the changeset viewer.