issues
search
xwp
/
stream
🗄️ Stream plugin for WordPress
https://wordpress.org/plugins/stream/
GNU General Public License v2.0
405
stars
119
forks
source link
Check for caps before loading alert settings
#1432
Closed
schlessera
closed
1 year ago
schlessera
commented
1 year ago
This PR includes the following changes:
adds tests to trigger and assert the vulnerability described in
CVE-2022-43450
, props
@Lucisu
via
Patchstack
fixes
CVE-2022-43450
by adding a capability check to the 'wp_ajax_load_alerts_settings ' AJAX action.
Checklist
[x] Project documentation has been updated to reflect the changes in this pull request, if applicable.
[x] I have tested the changes in the local development environment (see
contributing.md
).
[x] I have added phpunit tests.
This PR includes the following changes:
Checklist
contributing.md
).