summaryrefslogtreecommitdiffstatshomepage
path: root/src/wp-admin/includes/class-custom-image-header.php
diff options
context:
space:
mode:
Diffstat (limited to 'src/wp-admin/includes/class-custom-image-header.php')
-rw-r--r--src/wp-admin/includes/class-custom-image-header.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/wp-admin/includes/class-custom-image-header.php b/src/wp-admin/includes/class-custom-image-header.php
index a4b04bf3fc..5c3271478b 100644
--- a/src/wp-admin/includes/class-custom-image-header.php
+++ b/src/wp-admin/includes/class-custom-image-header.php
@@ -934,7 +934,7 @@ endif;
<p class="hide-if-js"><strong><?php _e( 'You need JavaScript to choose a part of the image.' ); ?></strong></p>
<div id="crop_image" style="position: relative">
- <img src="<?php echo esc_url( $url ); ?>" id="upload" width="<?php echo $width; ?>" height="<?php echo $height; ?>" alt="" />
+ <img src="<?php echo esc_url( $url ); ?>" id="upload" width="<?php echo esc_attr( $width ); ?>" height="<?php echo esc_attr( $height ); ?>" alt="" />
</div>
<input type="hidden" name="x1" id="x1" value="0" />
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-01 07:48:38 +0000