Ticket #33826: 33826.patch

src/wp-includes/pluggable.php

@@ -1691 +1691 @@
  * @since 2.0.0
  * @since 4.3.0 The `$plaintext_pass` parameter was changed to `$notify`.
  *
+ * @global wpdb         $wpdb      WordPress database object for queries.
+ * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance.
+ *
  * @param int    $user_id User ID.
  * @param string $notify  Optional. Type of notification that should happen. Accepts 'admin' or an empty
  *                        string (admin only), or 'both' (admin and user). The empty string value was kept
  *                        for backward-compatibility purposes with the renamed parameter. Default empty.
  */
 function wp_new_user_notification( $user_id, $notify = '' ) {
-        global $wpdb;
+        global $wpdb, $wp_hasher;
         $user = get_userdata( $user_id );
 
         // The blogname option is escaped with esc_html on the way into the database in sanitize_option
@@ -1821 +1824 @@
          * @param string|int $action The nonce action.
          * @param WP_User    $user   The current user object.
          * @param string     $token  The user's session token.
-         */ 
+         */
         do_action( 'wp_verify_nonce_failed', $nonce, $action, $user, $token );
 
         // Invalid nonce