From f7a422eabccd3fe5095c41efad100c03d98f43e8 Mon Sep 17 00:00:00 2001 From: Brian Hogg Date: Tue, 18 Feb 2025 16:00:21 +0100 Subject: [PATCH 1/2] Avoid escaping text incorrectly. --- .../meta-boxes/fields/llms.class.meta.box.select.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/includes/admin/post-types/meta-boxes/fields/llms.class.meta.box.select.php b/includes/admin/post-types/meta-boxes/fields/llms.class.meta.box.select.php index b61f109fe2..f6cc2b18e6 100644 --- a/includes/admin/post-types/meta-boxes/fields/llms.class.meta.box.select.php +++ b/includes/admin/post-types/meta-boxes/fields/llms.class.meta.box.select.php @@ -82,18 +82,18 @@ class="field['class'] ); ?>" field['value'] as $key => $option ) : - $selected_text = ''; + $is_selected = false; if ( is_array( $selected ) ) { if ( in_array( $option['key'], $selected ) ) { - $selected_text = ' selected="selected" '; + $is_selected = true; } } elseif ( isset( $option['key'] ) && $option['key'] == $selected ) { - $selected_text = ' selected="selected" '; + $is_selected = true; } elseif ( $key === $selected ) { - $selected_text = ' selected="selected" '; + $is_selected = true; } ?> - + From c8cc5add0e5a86f51c583f7c818b7659f8a3b7c8 Mon Sep 17 00:00:00 2001 From: Brian Hogg Date: Tue, 18 Feb 2025 16:02:27 +0100 Subject: [PATCH 2/2] Changelog. --- .changelogs/fix-form-field-selected-escaping.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .changelogs/fix-form-field-selected-escaping.yml diff --git a/.changelogs/fix-form-field-selected-escaping.yml b/.changelogs/fix-form-field-selected-escaping.yml new file mode 100644 index 0000000000..15711f3885 --- /dev/null +++ b/.changelogs/fix-form-field-selected-escaping.yml @@ -0,0 +1,4 @@ +significance: patch +type: fixed +entry: Avoid escaping the selected attribute of a form field select dropdown + incorrectly.