From ac094738539d12849ec3e815e7e24b58272dbc9d Mon Sep 17 00:00:00 2001 From: Gerhard Potgieter Date: Tue, 10 Jul 2018 10:56:49 +0200 Subject: [PATCH] Escape sku input properly for quickedit --- includes/admin/class-wc-admin-post-types.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/admin/class-wc-admin-post-types.php b/includes/admin/class-wc-admin-post-types.php index f287deb1095..52f842cf96d 100644 --- a/includes/admin/class-wc-admin-post-types.php +++ b/includes/admin/class-wc-admin-post-types.php @@ -352,7 +352,7 @@ class WC_Admin_Post_Types { if ( ! empty( $new_sku ) ) { $unique_sku = wc_product_has_unique_sku( $post_id, $new_sku ); if ( $unique_sku ) { - $product->set_sku( $new_sku ); + $product->set_sku( wc_clean( wp_unslash( $new_sku ) ) ); } } else { $product->set_sku( '' );