diff --git a/comments.php b/comments.php
index 41e812e0b..432b37b20 100644
--- a/comments.php
+++ b/comments.php
@@ -33,7 +33,7 @@
/* translators: the number of comments */
esc_html( _nx( '%1$s thought on “%2$s”', '%1$s thoughts on “%2$s”', get_comments_number(), 'comments title', '_s' ) ),
number_format_i18n( get_comments_number() ), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
- '' . get_the_title() . '' // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+ '' . wp_kses_post( get_the_title() ) . '' // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
);
?>
diff --git a/inc/template-tags.php b/inc/template-tags.php
index 7d30306cf..d76c24b36 100644
--- a/inc/template-tags.php
+++ b/inc/template-tags.php
@@ -77,7 +77,7 @@ function _s_entry_footer() {
sprintf(
/* translators: %s: Name of current post */
esc_html__( 'Edit %s', '_s' ),
- the_title( '"', '"', false )
+ wp_kses_post( get_the_title( '"', '"', false ) )
),
'',
''
@@ -255,7 +255,7 @@ function _s_get_the_title( $args = [] ) {
$args = wp_parse_args( $args, $defaults );
// Trim the title.
- return wp_trim_words( get_the_title( get_the_ID() ), $args['length'], $args['more'] );
+ return wp_kses_post( wp_trim_words( get_the_title( get_the_ID() ), $args['length'], $args['more'] ) );
}
/**
diff --git a/template-parts/content-password-protected.php b/template-parts/content-password-protected.php
index a4d757396..2bc310453 100644
--- a/template-parts/content-password-protected.php
+++ b/template-parts/content-password-protected.php
@@ -16,8 +16,27 @@
[],
+ 'label' => [
+ 'for' => [],
+ ],
+ 'form' => [
+ 'action' => [],
+ 'class' => [],
+ 'method' => [],
+ ],
+ 'input' => [
+ 'id' => [],
+ 'name' => [],
+ 'size' => [],
+ 'type' => [],
+ 'value' => [],
+ ],
+ ]
+ );
?>