vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-06-28 14:20:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

General: Don't pass $action to wp_get_session_token() in wp_create_nonce().

Browse Source 
The parameter appears to have been passed by accident, as the function does not accept any parameters.

Follow-up to [54218].

Props malavvasita, hztyfoon, dd32.
Fixes #58181.

git-svn-id: https://develop.svn.wordpress.org/trunk@55685 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
2023-04-25 14:55:28 +00:00
parent 26e3948fca
commit ed83c6aae8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/wp-includes/pluggable.php
View File

@@ -2359,7 +2359,7 @@ if ( ! function_exists( 'wp_create_nonce' ) ) :
$uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
}
$token = wp_get_session_token( $action );
$token = wp_get_session_token();
$i = wp_nonce_tick( $action );
return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );