From f9a964594fe57018352ebe19888fe7a1296212d7 Mon Sep 17 00:00:00 2001 From: karthick-murugan Date: Tue, 12 Nov 2024 16:54:08 +0530 Subject: [PATCH] Add current user condition --- lib/compat/wordpress-6.7/rest-api.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/lib/compat/wordpress-6.7/rest-api.php b/lib/compat/wordpress-6.7/rest-api.php index 22d93db7386fee..b22252af4e62c3 100644 --- a/lib/compat/wordpress-6.7/rest-api.php +++ b/lib/compat/wordpress-6.7/rest-api.php @@ -194,6 +194,16 @@ function register_deactivate_plugins_endpoint() { * if the current user does not have the required permissions. */ function deactivate_all_plugins() { + + // Check if the current user has the necessary permissions. + if ( ! current_user_can( 'manage_options' ) ) { + return new WP_Error( + 'rest_forbidden', + __( 'You do not have permissions to perform this action', 'gutenberg' ), + array( 'status' => 403 ) + ); + } + // Load the necessary WordPress plugin functions. require_once ABSPATH . 'wp-admin/includes/plugin.php';