Diffstat (limited to 'wp-admin/admin.php')
| -rw-r--r-- | wp-admin/admin.php | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/wp-admin/admin.php b/wp-admin/admin.php
index b6e270c..91196b0 100644
--- a/wp-admin/admin.php
+++ b/wp-admin/admin.php
@@ -39,12 +39,15 @@ wp_enqueue_script( 'fat' );
 $editing = false;
-require(ABSPATH . '/wp-admin/menu.php');
-
-// Handle plugin admin pages.
 if (isset($_GET['page'])) {
 $plugin_page = stripslashes($_GET['page']);
 $plugin_page = plugin_basename($plugin_page);
+}
+
+require(ABSPATH . '/wp-admin/menu.php');
+
+// Handle plugin admin pages.
+if (isset($plugin_page)) {
 $page_hook = get_plugin_page_hook($plugin_page, $pagenow);
 if ( $page_hook ) {
@@ -76,6 +79,9 @@ if (isset($_GET['page'])) {
 $importer = $_GET['import'];
+ if ( ! current_user_can('import') )
+ wp_die(__('You are not allowed to import.'));
+
 if ( validate_file($importer) ) {
 wp_die(__('Invalid importer.'));
 } |
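Review bot: The new guard `if (isset($plugin_page))` no longer tests the request parameter itself, so a `$plugin_page` that already exists in global scope when `$_GET['page']` is absent would reach `get_plugin_page_hook()` without passing through `stripslashes()` and `plugin_basename()`. Whether that can happen depends on code outside the hunk (the `menu.php` that now runs in between, or request variables being registered as globals), so I would clear the variable before the first `if` with `unset($plugin_page);`. If the `require` was moved because `menu.php` needs the value, a comment on it such as `// menu.php needs $plugin_page, so it is computed first.` would keep the order from being reverted. The plugin-page block continues past the end of the hunk.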
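Review bot: The added capability check is a brace-less `if` whose only statement is the `wp_die()` exit, while the `validate_file()` check directly below it uses braces; a later edit that inserts a line between the condition and `wp_die()` would change what the condition guards. I would write it as `if ( ! current_user_can('import') ) { wp_die(__('You are not allowed to import.')); }` and add a comment such as `// Authorise before the importer name is validated or used.` so the ordering is not changed by accident. The enclosing import branch starts and ends outside the hunk, so what is done with `$importer` after validation is not visible here.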
