From c54e8d3c56027f1c87f62e54c722dc7c6e72f78a Mon Sep 17 00:00:00 2001 From: Champ Camba Date: Wed, 30 Nov 2016 13:37:33 +0800 Subject: [PATCH] Fix invalid security notice in set password --- core/um-actions-password.php | 1 + 1 file changed, 1 insertion(+) diff --git a/core/um-actions-password.php b/core/um-actions-password.php index 7fbbebf5..79f8f37a 100644 --- a/core/um-actions-password.php +++ b/core/um-actions-password.php @@ -171,6 +171,7 @@ } if( !is_user_logged_in() && isset( $args ) && ! um_is_core_page('password-reset') || + isset( $args['user_id'] ) && um_is_core_page('password-reset') || is_user_logged_in() && isset( $args['user_id'] ) && $args['user_id'] != get_current_user_id() ){ wp_die( __( 'This is not possible for security reasons.','ultimatemember') );