Sanitize importer delimiter

2021-11-05 22:24:22 +09:00
parent 9ca0c195c4
commit f3ee15c627
1 changed files with 1 additions and 1 deletions
--- a/includes/admin/importers/class-sp-importer.php
+++ b/includes/admin/importers/class-sp-importer.php
@@ -47,7 +47,7 @@ if ( class_exists( 'WP_Importer' ) ) {
 			$this->header();

 			if ( ! empty( $_POST['delimiter'] ) )
-				$this->delimiter = stripslashes( trim( $_POST['delimiter'] ) );
+				$this->delimiter = stripslashes( trim( sanitize_text_field( $_POST['delimiter'] ) ) );

 			if ( ! $this->delimiter )
 				$this->delimiter = ',';