Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<?php
/*
Plugin Name: PageLines Security Patcher
Description: Blocks the recent exploits for legacy themes in the event you cant update the themes.
Version: 1.0
Author: PageLines
*/
class Fix_Pagelines_Legacy {
function __construct() {
add_action( 'after_setup_theme', array( $this, 'sanitize' ) );
}
function sanitize() {
if( ! current_user_can( 'edit_themes' ) ) {
remove_all_actions( 'wp_ajax_pagelines_ajax_save_option' );
remove_action( 'admin_init', 'pagelines_register_settings', 5 );
}
}
}
new Fix_Pagelines_Legacy;
@jwenerd

This comment has been minimized.

Copy link

@jwenerd jwenerd commented Jan 22, 2015

This code breaks Pagelines for multisite where a normal administrator does not have the 'edit_themes' capability. Instead the capability should instead be 'edit_theme_options' which administrators possess on both single and multisite instances.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.