Add edit_page cap check. Props josephscott. see WordPress#5313

ryanboren · ryanboren · commit bc7559450412 · 2008-02-02T17:55:40.000Z
git-svn-id: https://develop.svn.wordpress.org/trunk@6709 602fd350-edb4-49c9-b593-d223f7449a82
diff --git a/xmlrpc.php b/xmlrpc.php
@@ -1379,10 +1379,13 @@ function mw_editPost($args) {
 			!empty($content_struct["post_type"])
 			&& ($content_struct["post_type"] == "page")
 		) {
+			if( !current_user_can( 'edit_page', $post_ID ) ) {
+				return(new IXR_Error(401, __("Sorry, you do not have the right to edit this page.")));
+			}
+
 			$post_type = "page";
 		}
 
-		// Edit page caps are checked in editPage.  Just check post here.
 		if ( ( 'post' == $post_type ) && !current_user_can('edit_post', $post_ID) )
 			return new IXR_Error(401, __('Sorry, you can not edit this post.'));
 
