From 6e1fe93a1cea8c1b96f2affc6c2aeb005e47a2a7 Mon Sep 17 00:00:00 2001
From: isabel_brison
Date: Fri, 22 Dec 2023 02:12:21 +0000
Subject: [PATCH] REST API: check parent and revision ids match before retrieving revision.

Adds a condition to check that parent id matches revision parent id in `WP_REST_Revisions_Controller` `get_item` method.
Props ramonopoly, adamsilverstein, danielbachhuber, spacedmonkey, andrewserong.
Fixes #59875.
Built from https://develop.svn.wordpress.org/trunk@57222
git-svn-id: http://core.svn.wordpress.org/trunk@56728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 .../endpoints/class-wp-rest-revisions-controller.php | 10 ++++++++++
 wp-includes/version.php | 2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php b/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php
index 5501c190c1..415333661f 100644
--- a/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php
+++ b/wp-includes/rest-api/endpoints/class-wp-rest-revisions-controller.php
@@ -387,6 +387,7 @@ class WP_REST_Revisions_Controller extends WP_REST_Controller {
  * Retrieves one revision from the collection.
  *
  * @since 4.7.0
+ * @since 6.5.0 Added a condition to check that parent id matches revision parent id.
  *
  * @param WP_REST_Request $request Full details about the request.
  * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
@@ -402,6 +403,15 @@ class WP_REST_Revisions_Controller extends WP_REST_Controller {
  return $revision;
  }
 
+ if ( (int) $parent->ID !== (int) $revision->post_parent ) {
+ return new WP_Error(
+ 'rest_revision_parent_id_mismatch',
+ /* translators: %d: A post id. */
+ sprintf( __( 'The revision does not belong to the specified parent with id of "%d"' ), $parent->ID ),
+ array( 'status' => 404 )
+ );
+ }
+
  $response = $this->prepare_item_for_response( $revision, $request );
  return rest_ensure_response( $response );
  }
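Review bot: The parent/revision pairing guard added to `get_item` is also needed in `delete_item` on this controller, which is routed on the same `parent` and `id` parameters; if it likewise resolves the revision with `get_revision( $request['id'] )` and nothing else ties it to the parent (that method is not in this diff, so please confirm), a caller who can edit one post can still delete any other post's revision by ID through that route, which is the same authorization gap this commit closes for reads. The check itself is sound: casting both sides with `(int)` copes with `post_parent` coming back from the DB as a string, and answering 404 rather than 403 does not confirm to the caller that the foreign revision exists. To keep the two endpoints from drifting, I would move the comparison and the `WP_Error` into one protected helper such as `check_revision_parent( $parent, $revision )` called from both, and add a test that requests a revision of post A under `/posts/B/revisions/{id}` and expects `rest_revision_parent_id_mismatch`. `get_item` begins before this hunk; the `get_parent`/`get_revision` calls that populate `$parent` and `$revision` are outside view.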
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 7fccfff21e..4d3c480bbc 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '6.5-alpha-57221';
+$wp_version = '6.5-alpha-57222';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.