Support » Plugin: Image Widget » Image Widget esc_attr() function misplaced

  • Resolved devon


    This plugin is great, but I’ve been working on a theme that requires a widget_title() filter, and after updating the plugin today, I noticed that the widget title wasn’t displaying as intended any more.

    The widget_title() filter is currently applied in image-widget.php, on line 206:

    206: $title = apply_filters( 'widget_title', empty( $title ) ? '' : $title );

    Then, in views/widget.php, esc_attr() is applied to the $title output on line 12:

    12: if ( !empty( $title ) ) { echo $before_title . esc_attr($title) . $after_title; }

    This causes certain HTML markup added in the widget_title filter to display as encoded tags instead of as intended (see

    It seems to me that the esc_attr() function should be applied when saving/updating the widget, instead of when the output is being displayed.

    I hope the author will take this into consideration in a future update. Until then, I’ve modified my local copy of the plugin as a temporary fix – otherwise I just won’t be able to take advantage of plugin updates without testing them first.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Image Widget esc_attr() function misplaced’ is closed to new replies.