Fix security check on email template preview page.

The nonce generated on the previous page was not being verified properly due to mismatched brackets (the second argument to wp_verify_nonce was not being passed).
This commit is contained in:
Leon Aves 2019-04-18 00:08:00 +01:00 committed by GitHub
parent 14241b3f19
commit 60148d7f8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

View File

@ -204,7 +204,7 @@ class WC_Admin {
public function preview_emails() {
if ( isset( $_GET['preview_woocommerce_mail'] ) ) {
if ( ! ( isset( $_REQUEST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'], 'preview-mail' ) ) ) ) ) {
if ( ! ( isset( $_REQUEST['_wpnonce'] ) && wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ), 'preview-mail' ) ) ) {
die( 'Security check' );
}