Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Skip add_query_arg() finding as false positive

Browse Source 
[MAILPOET-5230]
This commit is contained in:
alex-mailpoet
2023-04-18 23:25:42 +03:00
committed by Jan Jakeš
parent f12bb8e680
commit 930ff18785
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
mailpoet/lib/Form/Util/Export.php
View File

@@ -32,7 +32,7 @@ class Export {
'height="100%"', 'height="100%"',
'scrolling="no"', 'scrolling="no"',
'frameborder="0"', 'frameborder="0"',
'src="' . esc_url($iframeUrl) . '"', 'src="' . WPFunctions::get()->escUrl($iframeUrl) . '"',
'class="mailpoet_form_iframe"', 'class="mailpoet_form_iframe"',
'id="mailpoet_form_iframe"', 'id="mailpoet_form_iframe"',
'vspace="0"', 'vspace="0"',

2
mailpoet/lib/WP/Functions.php
View File

@@ -81,7 +81,7 @@ class Functions {
} }
public function addQueryArg($key, $value = false, $url = false) { public function addQueryArg($key, $value = false, $url = false) {
return add_query_arg($key, $value, $url); return add_query_arg($key, $value, $url); // nosemgrep: tools.wpscan-semgrep-rules.audit.php.wp.security.xss.query-arg
} }
public function addScreenOption($option, $args = []) { public function addScreenOption($option, $args = []) {