Skip to content
This repository was archived by the owner on Feb 23, 2024. It is now read-only.

Commit 8e65b5c

Browse files
nerradnerrad
committed
add extra block classname escaping
1 parent ebc61df commit 8e65b5c

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

src/BlockTypes/FeaturedCategory.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ public function render( $attributes = array(), $content = '' ) {
6464
wc_format_content( $category->description )
6565
);
6666

67-
$output = sprintf( '<div class="%1$s" style="%2$s">', $this->get_classes( $attributes ), $this->get_styles( $attributes, $category ) );
67+
$output = sprintf( '<div class="%1$s" style="%2$s">', esc_attr( $this->get_classes( $attributes ) ), esc_attr( $this->get_styles( $attributes, $category ) ) );
6868

6969
$output .= $title;
7070
if ( $attributes['showDesc'] ) {

src/BlockTypes/FeaturedProduct.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@ public function render( $attributes = array(), $content = '' ) {
7777
$product->get_price_html()
7878
);
7979

80-
$output = sprintf( '<div class="%1$s" style="%2$s">', $this->get_classes( $attributes ), $this->get_styles( $attributes, $product ) );
80+
$output = sprintf( '<div class="%1$s" style="%2$s">', esc_attr( $this->get_classes( $attributes ) ), esc_attr( $this->get_styles( $attributes, $product ) ) );
8181

8282
$output .= $title;
8383
if ( $attributes['showDesc'] ) {

0 commit comments

Comments
 (0)