diff options
Diffstat (limited to 'plugins/jetpack/modules/widgets/eu-cookie-law/widget.php')
| -rw-r--r-- | plugins/jetpack/modules/widgets/eu-cookie-law/widget.php | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/plugins/jetpack/modules/widgets/eu-cookie-law/widget.php b/plugins/jetpack/modules/widgets/eu-cookie-law/widget.php index ef540452..c1b3e328 100644 --- a/plugins/jetpack/modules/widgets/eu-cookie-law/widget.php +++ b/plugins/jetpack/modules/widgets/eu-cookie-law/widget.php @@ -7,7 +7,7 @@ ?> <div - class="<?php echo implode( ' ', $classes ); ?>" + class="<?php echo esc_attr( implode( ' ', $classes ) ); ?>" data-hide-timeout="<?php echo (int) $instance['hide-timeout']; ?>" data-consent-expiration="<?php echo (int) $instance['consent-expiration']; ?>" id="eu-cookie-law" @@ -16,11 +16,13 @@ <input type="submit" value="<?php echo esc_attr( $instance['button'] ); ?>" class="accept" /> </form> - <?php if ( 'default' == $instance['text'] || empty( $instance['customtext'] ) ) { - echo nl2br( $instance['default-text'] ); + <?php + if ( 'default' === $instance['text'] || empty( $instance['customtext'] ) ) { + echo nl2br( esc_html( $instance['default-text'] ) ); } else { echo nl2br( esc_html( $instance['customtext'] ) ); - } ?> + } + ?> <?php $is_default_policy = 'default' === $instance['policy-url'] || empty( $instance['custom-policy-url'] ); |