diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
index 5c53f6805c..60fdab7f32 100644
|
a
|
b
|
function wp_ajax_query_themes() { |
| 3005 | 3005 | function wp_ajax_parse_embed() { |
| 3006 | 3006 | global $post, $wp_embed; |
| 3007 | 3007 | |
| 3008 | | if ( ! $post = get_post( (int) $_POST['post_ID'] ) ) { |
| 3009 | | wp_send_json_error(); |
| 3010 | | } |
| 3011 | | |
| 3012 | | if ( empty( $_POST['shortcode'] ) || ! current_user_can( 'edit_post', $post->ID ) ) { |
| | 3008 | if ( empty( $_POST['shortcode'] ) || ! current_user_can( 'edit_posts' ) ) { |
| 3013 | 3009 | wp_send_json_error(); |
| 3014 | 3010 | } |
| 3015 | 3011 | |
| … |
… |
function wp_ajax_parse_embed() { |
| 3026 | 3022 | } |
| 3027 | 3023 | |
| 3028 | 3024 | $parsed = false; |
| 3029 | | setup_postdata( $post ); |
| | 3025 | |
| | 3026 | $post_ID = (int) $_POST[ 'post_ID' ]; |
| | 3027 | if ( $post_ID && $post = get_post( $post_ID ) ) { |
| | 3028 | if ( ! current_user_can( 'edit_post', $post->ID ) ) { |
| | 3029 | wp_send_json_error(); |
| | 3030 | } |
| | 3031 | |
| | 3032 | setup_postdata( $post ); |
| | 3033 | } |
| 3030 | 3034 | |
| 3031 | 3035 | $wp_embed->return_false_on_fail = true; |
| 3032 | 3036 | |