fixes sanitization for referrer in notifications as well

Author: avonville

includes/class-notification.php

@@ -430,7 +430,7 @@ public function get_merge_value( $tag ) {
                 break;
 
             case 'url_referer':
-                return isset( $_SERVER['HTTP_REFERER'] ) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_REFERER'] ) ) : '';
+                return isset( $_SERVER['HTTP_REFERER'] ) ? sanitize_url( wp_unslash( $_SERVER['HTTP_REFERER'] ) ) : '';
                 break;
 
             case 'url_login':