diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php
index 87051db58e..b62f6f55a8 100644
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-themes-controller.php
@@ -58,15 +58,21 @@ class WP_REST_Themes_Controller extends WP_REST_Controller {
  * @return true|WP_Error True if the request has read access for the item, otherwise WP_Error object.
  */
 public function get_items_permissions_check( $request ) {
- if ( ! is_user_logged_in() || ! current_user_can( 'edit_posts' ) ) {
- return new WP_Error(
- 'rest_user_cannot_view',
- __( 'Sorry, you are not allowed to view themes.' ),
- array( 'status' => rest_authorization_required_code() )
- );
+ if ( current_user_can( 'edit_posts' ) ) {
+ return true;
 }
 
- return true;
+ foreach ( get_post_types( array( 'show_in_rest' => true ), 'objects' ) as $post_type ) {
+ if ( current_user_can( $post_type->cap->edit_posts ) ) {
+ return true;
+ }
+ }
+
+ return new WP_Error(
+ 'rest_user_cannot_view',
+ __( 'Sorry, you are not allowed to view themes.' ),
+ array( 'status' => rest_authorization_required_code() )
+ );
 }
 
 /**
diff --git a/tests/phpunit/tests/rest-api/rest-themes-controller.php b/tests/phpunit/tests/rest-api/rest-themes-controller.php
index 931b479572..0da8553ad9 100644
--- a/tests/phpunit/tests/rest-api/rest-themes-controller.php
+++ b/tests/phpunit/tests/rest-api/rest-themes-controller.php
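Review bot: Dropping the `is_user_logged_in()` guard in get_items_permissions_check makes the outcome for anonymous requests depend on how every REST-exposed post type maps `cap->edit_posts`; a plugin that maps it to a capability every user holds (WordPress grants `exist` unconditionally) would let a logged-out request pass the foreach, whereas the old code could only return 401 there. Guarding the loop with `if ( is_user_logged_in() )` before the `foreach` keeps the 401 path independent of third-party capability mappings at negligible cost. The loop also deserves a why-comment since it widens the rule beyond `edit_posts`, e.g. `// A user who can edit any REST-exposed post type may read theme data.`. The method's docblock starts outside the hunk; its description should state this new rule rather than the single `edit_posts` capability.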
@@ -155,6 +155,15 @@ class WP_Test_REST_Themes_Controller extends WP_Test_REST_Controller_Testcase {
 $this->assertEqualSets( $fields, array_keys( $data[0] ) );
 }
 
+ /**
+ * @ticket 46723
+ */
+ public function test_get_items_logged_out() {
+ wp_set_current_user( 0 );
+ $response = self::perform_active_theme_request();
+ $this->assertErrorResponse( 'rest_user_cannot_view', $response, 401 );
+ }
+
 /**
 * An error should be returned when the user does not have the edit_posts capability.
 *
@@ -166,6 +175,18 @@ class WP_Test_REST_Themes_Controller extends WP_Test_REST_Controller_Testcase {
 $this->assertErrorResponse( 'rest_user_cannot_view', $response, 403 );
 }
 
+ /**
+ * @ticket 46723
+ */
+ public function test_get_item_single_post_type_cap() {
+ $user = self::factory()->user->create_and_get();
+ $user->add_cap( 'edit_pages' );
+ wp_set_current_user( $user->ID );
+
+ $response = self::perform_active_theme_request();
+ $this->assertEquals( 200, $response->get_status() );
+ }
+
 /**
 * Test an item is prepared for the response.
 *
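Review bot: The new test_get_items_logged_out carries only `@ticket 46723` and no description, while the neighbouring tests document the behaviour they cover; add `* A logged-out user should receive a 401 rest_user_cannot_view error.` above the ticket tag. The same applies to test_get_item_single_post_type_cap in the next hunk, which would read better with `* A user who can edit any REST-exposed post type may view themes.`. The context line `An error should be returned when the user does not have the edit_posts capability.` is now imprecise, since the controller accepts the edit capability of any REST-exposed post type; it is unchanged here and would need a follow-up.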
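Review bot: test_get_item_single_post_type_cap appears to exercise the collection permission check through self::perform_active_theme_request(), like its sibling test_get_items_logged_out, so the `get_item` in its name is misleading; rename it to `test_get_items_single_post_type_cap`. The setup relies on the page post type mapping `cap->edit_posts` to `edit_pages`, which is the whole point of the test, so a one-line comment such as `// Pages map cap->edit_posts to edit_pages; the user never gets edit_posts.` would make that explicit. A complementary negative case, where the only capability granted belongs to a post type not exposed in REST and the response is still 403, would pin the `show_in_rest` filter in the controller loop, which neither hunk covers.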