Ticket #40193: 40193.diff
File 40193.diff, 514 bytes (added by , 7 years ago) |
---|
-
src/wp-admin/includes/ajax-actions.php
diff --git src/wp-admin/includes/ajax-actions.php src/wp-admin/includes/ajax-actions.php index 33276d26fa..0b4740d67f 100644
function wp_ajax_crop_image() { 3219 3219 $attachment_id = absint( $_POST['id'] ); 3220 3220 3221 3221 check_ajax_referer( 'image_editor-' . $attachment_id, 'nonce' ); 3222 if ( ! current_user_can( ' customize') ) {3222 if ( ! current_user_can( 'edit_post', $attachment_id ) ) { 3223 3223 wp_send_json_error(); 3224 3224 } 3225 3225