From 577571f00e9062053335bb9d30a9a9ce682d962f Mon Sep 17 00:00:00 2001
From: Mehraz Morshed <mehrazmorshed@gmail.com>
Date: Sun, 27 Oct 2024 10:49:22 +0600
Subject: [PATCH 1/2] escaping functions added and modified in main.php file

---
 main.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/main.php b/main.php
index d8db97f9..50270281 100644
--- a/main.php
+++ b/main.php
@@ -74,7 +74,7 @@ function check_main( $theme_slug ) {
 		}
 
 		if ( empty( $theme['Template Version'] ) ) {
-			echo '<p>' . __( 'Child theme does not have the <strong>Template Version</strong> tag in style.css.', 'theme-check' ) . '</p>';
+			echo '<p>' . wp_kses_post( __( 'Child theme does not have the <strong>Template Version</strong> tag in style.css.', 'theme-check' ) ) . '</p>';
 		} elseif ( $theme['Template Version'] < $parent_theme['Version'] ) {
 			echo '<p>';
 			printf(
@@ -96,10 +96,9 @@ function check_main( $theme_slug ) {
 
 	$results = display_themechecks();
 
-	if ( ! $success ) {
-		echo '<h2>' . sprintf( __( 'One or more errors were found for %1$s.', 'theme-check' ), esc_html( $theme['Title'] ) ) . '</h2>';
+	if ( ! $success ) {echo '<h2>' . esc_html( sprintf( __( 'One or more errors were found for %1$s.', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
 	} else {
-		echo '<h2>' . sprintf( __( '%1$s passed the tests', 'theme-check' ), esc_html( $theme['Title'] ) ) . '</h2>';
+		echo '<h2>' . esc_html( sprintf( __( '%1$s passed the tests', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
 		tc_success();
 	}
 

From 41dbceb375645eb87f3e9a2d126af551ec003af9 Mon Sep 17 00:00:00 2001
From: Mehraz Morshed <mehrazmorshed@gmail.com>
Date: Sun, 27 Oct 2024 10:50:55 +0600
Subject: [PATCH 2/2] modified main.php file

---
 main.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/main.php b/main.php
index 50270281..2a4bf4dc 100644
--- a/main.php
+++ b/main.php
@@ -96,7 +96,8 @@ function check_main( $theme_slug ) {
 
 	$results = display_themechecks();
 
-	if ( ! $success ) {echo '<h2>' . esc_html( sprintf( __( 'One or more errors were found for %1$s.', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
+	if ( ! $success ) {
+		echo '<h2>' . esc_html( sprintf( __( 'One or more errors were found for %1$s.', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
 	} else {
 		echo '<h2>' . esc_html( sprintf( __( '%1$s passed the tests', 'theme-check' ), $theme['Title'] ) ) . '</h2>';
 		tc_success();