Use esc_html. Ancient, deprecated functions, but a valid fix nonetheless. fixes #14199.

git-svn-id: http://svn.automattic.com/wordpress/trunk@16031 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/functions.php

@@ -554,7 +554,6 @@ function update_option( $option, $newvalue ) {
  * @package WordPress
  * @subpackage Option
  * @since 1.0.0
- * @link http://alex.vort-x.net/blog/ Thanks Alex Stapleton
  *
  * @uses do_action() Calls 'add_option' hook before adding the option.
  * @uses do_action() Calls 'add_option_$option' and 'added_option' hooks on success.

wp-includes/rss.php

@@ -891,7 +891,7 @@ function wp_rss( $url, $num_items = -1 ) {
 				'<li><a href="%1$s" title="%2$s">%3$s</a></li>',
 				esc_url( $item['link'] ),
 				esc_attr( strip_tags( $item['description'] ) ),
-				htmlentities( $item['title'] )
+				esc_html( $item['title'] )
 			);
 		}
 
@@ -926,7 +926,7 @@ function get_rss ($url, $num_items = 5) { // Like get posts, but for RSS
 		foreach ( (array) $rss->items as $item ) {
 			echo "<li>\n";
 			echo "<a href='$item[link]' title='$item[description]'>";
-			echo htmlentities($item['title']);
+			echo esc_html($item['title']);
 			echo "</a><br />\n";
 			echo "</li>\n";
 		}