WordPress.org
Get WordPress

Plugin Directory

Changeset 3384176


Ignore:
Timestamp:
10/24/2025 06:00:22 PM (5 months ago)
Author:
wpfolderly
Message:

Updated capability checks to restrict sensitive REST API actions to admins

Location:
folderly
Files:
60 added
2 edited

Legend:

Unmodified
Added
Removed

  • folderly/trunk/includes/Rest/ConfigRoute.php

    r3163296 r3384176  
    8181     */
    8282    public function rest_permission_check() {
    83         return current_user_can( 'upload_files' );
     83        return current_user_can( 'manage_options' );
    8484    }
    8585

  • folderly/trunk/readme.txt

    r3326148 r3384176  
    66Tested up to: 6.8.1
    77Requires PHP: 7.4
    8 Stable tag: 0.3
     8Stable tag: 0.3.1
    99License: GPLv2 or later
    1010License URI: https://www.gnu.org/licenses/gpl-2.0.html
     
    109109= 0.3 =
    110110- Refactored the codebase
     111
     112= 0.3.1 =
     113- Updated capability checks to restrict sensitive REST API actions to admins
Note: See TracChangeset for help on using the changeset viewer.