Diffstat (limited to 'wp-admin/admin-functions.php')
| -rw-r--r-- | wp-admin/admin-functions.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 3cae3ae..038eb8c 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -412,8 +412,8 @@ function edit_user($user_id = 0) {
 if (isset ($_POST['pass2']))
 $pass2 = $_POST['pass2'];
- if (isset ($_POST['role'])) {
- if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
+ if (isset ($_POST['role']) && current_user_can('edit_users')) {
+ if ($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
 $user->role = $_POST['role'];
 } |
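Review bot: The posted role name is still used unvalidated in the inner condition. When `$user_id` differs from the current user, the `||` short-circuits and `$user->role = $_POST['role']` stores whatever string was submitted; when it is the current user, an unknown name leaves `$wp_roles->role_objects[$_POST['role']]` unset and `->has_cap()` is called on a non-object. The new `current_user_can('edit_users')` gate limits who reaches this code but does not constrain the value, so I would extend the outer test to `if (isset($_POST['role']) && current_user_can('edit_users') && isset($wp_roles->role_objects[$_POST['role']])) {`. Whether a user with `edit_users` may grant any role, including one with more capabilities than their own, is not decided in these lines and is worth confirming in the rest of `edit_user()`, whose body starts and ends outside the hunk.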
