Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Users: Check that a valid user is passed to `get_password_reset_key()`. 

Props edocev.
Fixes #44601.


Built from https://develop.svn.wordpress.org/trunk@44602


git-svn-id: http://core.svn.wordpress.org/trunk@44433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Gary Pendergast 2019-01-15 06:27:49 +00:00
parent a5d8a6bde3
commit 8ddef3e98d
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-includes/user.php
View File

@ -2217,6 +2217,10 @@ function wp_get_password_hint() {
function get_password_reset_key( $user ) {
global $wpdb, $wp_hasher;
if ( ! ( $user instanceof WP_User ) ) {
return new WP_Error( 'invalidcombo', __( '<strong>ERROR</strong>: There is no account with that username or email address.' ) );
}
/**
* Fires before a new password is retrieved.
*

2
wp-includes/version.php
View File

@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
$wp_version = '5.1-beta1-44601';
$wp_version = '5.1-beta1-44602';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.