diff --git a/wishlist.module b/wishlist.module
index 77bbea053511136b0ffcd6f4d24460b88b0f817a..7a7eb70d310ce0380575db617b0f5b5316624eae 100644
--- a/wishlist.module
+++ b/wishlist.module
@@ -1065,12 +1065,12 @@ function wishlist_reveal_form() {
 '#type' => 'select',
 '#name' => 'wishlist_reveal',
 '#title' => '',
-'#default_value' => (isset($_GET['wl_reveal']) ? $_GET['wl_reveal'] : 0),
+'#default_value' => (isset($_GET['wl_reveal']) ? check_plain($_GET['wl_reveal']) : 0),
 '#options' => array(0 => t('Hide purchase details'), 1 => t('Show purchase details')),
 '#description' => '',
 '#multiple' => $multiple = FALSE,
 '#required' => $required = FALSE,
-'#attributes' => array('onChange' => "top.location.href='/".$_GET['q']."?wl_reveal='+this.value"),
+'#attributes' => array('onChange' => "top.location.href='/".check_plain($_GET['q'])."?wl_reveal='+this.value"),
 );
 return $form;
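Review bot: check_plain() on `$_GET['q']` in the new '#attributes' line is an HTML escaper applied inside a JavaScript string literal, so the onChange handler is only safe by accident: drupal_attributes() escapes the attribute value a second time, and it is that double encoding that keeps a quote in the path from closing the JS string. Build the target with the path API instead, e.g. `'#attributes' => array('onChange' => "top.location.href='" . url($_GET['q']) . "?wl_reveal='+this.value"),`, since url() percent-encodes the path (so a quote cannot reach the script context) and also honours base_path and clean-URL settings that the hard-coded `/` prefix ignores. Likewise '#default_value' is matched against the 0/1 keys of '#options', so HTML-escaping it is the wrong guard; `'#default_value' => (isset($_GET['wl_reveal']) && $_GET['wl_reveal'] == 1) ? 1 : 0,` limits the value to the two keys the form defines. The closing of wishlist_reveal_form() is not visible in this hunk.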