+ if ( empty( $_REQUEST['plugin'] ) ) {
+ return;
+ }
+
+ $api = plugins_api( 'plugin_information', array(
+ 'slug' => wp_unslash( $_REQUEST['plugin'] ),
+ 'is_ssl' => is_ssl(),
+ 'fields' => array( 'banners' => true, 'reviews' => true )
+ ) );
+
+ if ( is_wp_error( $api ) ) {
+ wp_die( $api );
+ }
+
+ $plugins_allowedtags = array(
+ 'a' => array( 'href' => array(), 'title' => array(), 'target' => array() ),
+ 'abbr' => array( 'title' => array() ), 'acronym' => array( 'title' => array() ),
+ 'code' => array(), 'pre' => array(), 'em' => array(), 'strong' => array(),
+ 'div' => array( 'class' => array() ), 'span' => array( 'class' => array() ),
+ 'p' => array(), 'ul' => array(), 'ol' => array(), 'li' => array(),
+ 'h1' => array(), 'h2' => array(), 'h3' => array(), 'h4' => array(), 'h5' => array(), 'h6' => array(),
+ 'img' => array( 'src' => array(), 'class' => array(), 'alt' => array() )
+ );
+
+ $plugins_section_titles = array(
+ 'description' => _x( 'Description', 'Plugin installer section title' ),
+ 'installation' => _x( 'Installation', 'Plugin installer section title' ),
+ 'faq' => _x( 'FAQ', 'Plugin installer section title' ),
+ 'screenshots' => _x( 'Screenshots', 'Plugin installer section title' ),
+ 'changelog' => _x( 'Changelog', 'Plugin installer section title' ),
+ 'reviews' => _x( 'Reviews', 'Plugin installer section title' ),
+ 'other_notes' => _x( 'Other Notes', 'Plugin installer section title' )
+ );
+
+ // Sanitize HTML
+ foreach ( (array) $api->sections as $section_name => $content ) {
+ $api->sections[$section_name] = wp_kses( $content, $plugins_allowedtags );
+ }
+
+ foreach ( array( 'version', 'author', 'requires', 'tested', 'homepage', 'downloaded', 'slug' ) as $key ) {
+ if ( isset( $api->$key ) ) {
+ $api->$key = wp_kses( $api->$key, $plugins_allowedtags );
+ }
+ }
+
+ $_tab = esc_attr( $tab );