REST API: check parent and revision ids match before retrieving revision.

Adds a condition to check that parent id matches revision parent id in `WP_REST_Revisions_Controller` `get_item` method.

Props ramonopoly, adamsilverstein, danielbachhuber, spacedmonkey, andrewserong.
Fixes #59875.


git-svn-id: https://develop.svn.wordpress.org/trunk@57222 602fd350-edb4-49c9-b593-d223f7449a82
Isabel Brison
2023-12-22 02:10:18 +00:00
parent a29cff625f
commit d1faee936d
3 changed files with 110 additions and 2 deletions


@@ -387,6 +387,7 @@ class WP_REST_Revisions_Controller extends WP_REST_Controller {
* Retrieves one revision from the collection.
*
* @since 4.7.0
* @since 6.5.0 Added a condition to check that parent id matches revision parent id.
*
* @param WP_REST_Request $request Full details about the request.
* @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
@@ -402,6 +403,15 @@ class WP_REST_Revisions_Controller extends WP_REST_Controller {
return $revision;
}
if ( (int) $parent->ID !== (int) $revision->post_parent ) {
return new WP_Error(
'rest_revision_parent_id_mismatch',
/* translators: %d: A post id. */
sprintf( __( 'The revision does not belong to the specified parent with id of "%d"' ), $parent->ID ),
array( 'status' => 404 )
);
}
$response = $this->prepare_item_for_response( $revision, $request );
return rest_ensure_response( $response );
}
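Review bot: The new parent/revision comparison in get_item has no comment saying why it exists, so it reads as input validation when it looks like an authorization boundary. If the route's permission check is made against the parent named in the URL (not visible in this hunk), this comparison is what keeps a revision of a different post from being served through a parent the caller is allowed to read. I would add above the `if`: `// Access is decided on the parent, so refuse a revision that belongs to a different post.` Because the distinct code `rest_revision_parent_id_mismatch` tells the caller that the revision id exists under some other post, it is worth confirming that this is acceptable compared with reusing the not-found error returned just above. Other handlers that resolve the same parent and revision pair, such as delete_item, are outside this hunk and should be checked for the same guard; get_item's body also starts outside the hunk.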