From dde07df1750f1a1b993fc01807a549273218f983 Mon Sep 17 00:00:00 2001 From: Darin Kotter Date: Wed, 6 Nov 2024 14:28:25 -0700 Subject: [PATCH] When our cache clearing AJAX action runs, check if the current user has proper permissions --- includes/class-simple-local-avatars.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/includes/class-simple-local-avatars.php b/includes/class-simple-local-avatars.php index 7746c1b..97fa80b 100644 --- a/includes/class-simple-local-avatars.php +++ b/includes/class-simple-local-avatars.php @@ -1388,6 +1388,13 @@ public function admin_body_class( $classes ) { */ public function sla_clear_user_cache() { check_ajax_referer( 'sla_clear_cache_nonce', 'nonce' ); + + // Ensure this was run by a user with proper privileges. + if ( ! current_user_can( 'manage_options' ) ) { + // Match what `check_ajax_referer` does. + wp_die( -1, 403 ); + } + $step = isset( $_REQUEST['step'] ) ? intval( $_REQUEST['step'] ) : 1; // Setup defaults.