[wp-trac] [WordPress Trac] #53386: Multisite is_super_admin call during app password validation can lead to infinite loop
WordPress Trac
noreply at wordpress.org
Fri Jun 11 18:42:20 UTC 2021
#53386: Multisite is_super_admin call during app password validation can lead to
infinite loop
----------------------------+-----------------------
Reporter: chrisvanpatten | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.9
Component: Users | Version:
Severity: normal | Resolution:
Keywords: | Focuses: rest-api
----------------------------+-----------------------
Changes (by TimothyBlynJacobs):
* focuses: => rest-api
* component: Application Passwords => Users
* milestone: Awaiting Review => 5.9
Comment:
To fix this, I think we need to make `is_super_admin` accept a `WP_User`
object, that when passed will use that instead of trying to query for the
current user. Then, `WP_User::has_cap` can pass in it's instance instead
of the id.
Semi related: #28020.
Cc @peterwilsoncc.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53386#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list