phpcs error in WordPress

Yes it is correct. Escaping should be done based on context, and since wp_nonce_url() is used in an hrefas proper url, you should use esc_url.

Related Posts:

  1. How does nonce verification work?
  2. How to expire a nonce?
  3. Fatal error: Call to undefined function wp_create_nonce()
  4. How to add/retrieve the post trash link?
  5. Using nonce external of WP Admin
  6. Nonce best practices: hidden input vs. wp_localize_script?
  7. “The link you followed has expired” when previewing a post
  8. wp_verify_nonce keeps failing
  9. Handling nonce generation in AJAX registration process
  10. increase nonce lifespan
  11. wp_verify_nonce() via REST always returns false
  12. Nonce failing in IE
  13. my theme breaks WP export
  14. Why am I getting a 403 from check_admin_referer()?
  15. x-wp-nonce across domains
  16. wp_create_nonce doesn’t verify when using WP_List_Table
  17. Handling expired nonces
  18. What is really “wp_nonce_field” and how does it work? [duplicate]
  19. Cannot verify nonce
  20. wp_verify_nonce return false despite correct parameter passed
  21. WordPress JSON API nonces and Vue development server
  22. Verify a nonce in Form submission
  23. Stop WordPress nonces expiring
  24. Several nonces?
  25. Nonce for Trashing Item
  26. Nonce keeps failing
  27. Public posts – preventing duplicate form submissions
  28. How to obtain “wp_rest” nonce for WP Statistics plugin manually?
  29. WordPress “nonce” message
  30. CSP nonces with Cloudflare Workers
  31. Why are nonces working in Firefox but not in Chrome?
  32. wp_verfy_nonce keeps giving false
  33. Nonce – reissue with ajax poll
  34. wp_nonce_url generating invalid links
  35. How to insert wp_nonce field within echoed string
  36. Nonce check causing issues when creating new post
  37. Weird nonce validation problem
  38. Logout button in menu without “wp” in links
  39. Check nonce in the new bulk_edit_posts action
  40. wp_verify_nonce vs check_admin_referer
  41. Do I need a nonce field for every meta box I add to my custom post type admin?
  42. Can I use the same nonce for multiple requests on the same page?
  43. How to get a unique nonce for each Ajax request?
  44. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  45. Nonces and Cache
  46. Multiple ajax nonce requests
  47. What is nonce and how to use it with Ajax in WordPress? [duplicate]
  48. Getting “The link you followed has expired” when adding custom post [closed]
  49. Nonce in settings API with tabbed navigation
  50. WordPress “Link has expired” error on updating posts
  51. Can I verify nonce which was generated on a different WP site?
  52. Headless WordPress: How to authenticate front end requests?
  53. Nonces and Ajax request to REST API and verification
  54. How to stop _wpnonce and _wp_http_referer from appearing in URL
  55. Serving nonces through AJAX is not refreshing nonce, returning 403 error
  56. Security around save_post hook
  57. ajax and nonce when JavaScript is in a seperate file
  58. wp_verify_nonce doesn’t return true on server when it matches the nonce
  59. Full page NGINX (or Cloudflare) caching and WordPress nonces
  60. Verify Nonce returns false – Request Nonce returns correct value
  61. Why save_post_$(custom_post_type) is fired even if I am not already saving a post?
  62. wp-admin AJAX with Fetch API is done without user
  63. How can I create a plugin installation link?
  64. Nonce generated 0-12 hours ago
  65. Can a wp_nonce created from domain 1 to be verified on domain 2?
  66. Help with forms and nonces
  67. permission_callback has no effect
  68. Confusion regarding Nonce & using it in Custom Columns for Saving Checkbox Value to Post Meta
  69. WP REST API – Nonce passes wp_verify_nonce even after logout
  70. Use of check_admin_referer with theme options and options.php
  71. Custom post type: check permissions and validate nonce
  72. “The link you followed has expired” & “Error while saving” messages when adding new post
  73. SSO autologin WordPress + Ajax
  74. Is nonce in PHP form and Ajax both necessary?
  75. Are nonces in WP REST API optional by default?
  76. Nonce fails on ajax save
  77. Can you have more than one nonce on a page?
  78. My custom write panels won’t save data. What am I missing?
  79. Unable to successfully verify nonce
  80. wp_nonce_field is breaking form for reasons unknown
  81. Cache plugins and ajax nonce verification
  82. Forms and WordPress Nonce
  83. javascript ajax and nonce
  84. How to check nonce lifetime value of plugins?
  85. How to use the wpsnonce clone post link?
  86. Does this code indicate an exploit?
  87. Nonce failing with second argument
  88. Extend Nonce Lifetime for Specific Nonce Creation
  89. check_admin_referer not working in custom meta box for custom post type
  90. Ajax Security regarding user priviliges and nonces
  91. wp_nonce for Front-End submission form not working
  92. wp_verify_nonce fails always
  93. custom metabox nonce verification fails
  94. How to use nonces for frontend AJAX voting if the page gets cached?
  95. Using Nonce for my Form
  96. Metabox nonce not allowing update
  97. Saving metabox updates causing fatal error
  98. wp_verify_nonce for comment form is not returning false
  99. wp_verify_nonce is always false even when the nonces are identical
  100. Is there a solution to expired nonces in forms when using full page caching that doesn’t involve configuring the cache?