Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Plugin Name: PageLines Security Patcher
Description: Blocks the recent exploits for legacy themes in the event you cant update the themes.
Version: 1.0
Author: PageLines
class Fix_Pagelines_Legacy {
function __construct() {
add_action( 'after_setup_theme', array( $this, 'sanitize' ) );
function sanitize() {
if( ! current_user_can( 'edit_themes' ) ) {
remove_all_actions( 'wp_ajax_pagelines_ajax_save_option' );
remove_action( 'admin_init', 'pagelines_register_settings', 5 );
new Fix_Pagelines_Legacy;

This comment has been minimized.

Copy link

@jwenerd jwenerd commented Jan 22, 2015

This code breaks Pagelines for multisite where a normal administrator does not have the 'edit_themes' capability. Instead the capability should instead be 'edit_theme_options' which administrators possess on both single and multisite instances.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment