From d0379f4fb78d82af2e2cfdddb2cebbea9ca9f47b Mon Sep 17 00:00:00 2001
From: Gary Pendergast
Date: Thu, 5 Feb 2015 06:04:32 +0000
Subject: [PATCH] Shiny Updates: Add capability checks to the ajax callbacks, to ensure the current user is allowed to install/update plugins.

See #29820

git-svn-id: https://develop.svn.wordpress.org/trunk@31334 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/includes/ajax-actions.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
index b75033c5d6..d96220824f 100644
--- a/src/wp-admin/includes/ajax-actions.php
+++ b/src/wp-admin/includes/ajax-actions.php
@@ -2835,6 +2835,10 @@ function wp_ajax_destroy_sessions() {
  * @since 4.2.0
  */
 function wp_ajax_install_plugin() {
+	if ( ! current_user_can( 'install_plugins' ) ) {
+		wp_die( __('You do not have sufficient permissions to install plugins on this site.') );
+	}
+
 	check_ajax_referer( 'updates' );
 
 	include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
@@ -2875,6 +2879,10 @@ function wp_ajax_install_plugin() {
  * @since 4.2.0
  */
 function wp_ajax_update_plugin() {
+	if ( ! current_user_can( 'update_plugins' ) ) {
+		wp_die( __('You do not have sufficient permissions to install plugins on this site.') );
+	}
+
 	check_ajax_referer( 'updates' );
 
 	include_once( ABSPATH . 'wp-admin/includes/class-wp-upgrader.php' );
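Review bot: The new capability check in wp_ajax_install_plugin() terminates with a plain wp_die() string, so an unauthorized caller of this AJAX endpoint gets a bare text body rather than the JSON envelope the "updates" JavaScript presumably parses, and the failure is indistinguishable client-side from any other fatal error. The check itself is the right gate and correctly runs before any upgrader code is loaded; only its response shape is at issue. Consider replacing the wp_die() line with `wp_send_json_error( array( 'error' => __( 'You do not have sufficient permissions to install plugins on this site.' ) ) );` so the denial is reported in the same shape as the rest of the handler (hedged: the success/failure shape used further down is outside this hunk). The same applies to the wp_ajax_update_plugin() hunk. Both function bodies continue past the hunk.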
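Review bot: The denial message in wp_ajax_update_plugin() is a copy of the install message and says "install plugins" even though the capability being tested is `update_plugins`, which will mislead a user who can install but not update (or vice versa) and is a separate string that translators will see twice with the wrong meaning. Change the added wp_die() line to `wp_die( __('You do not have sufficient permissions to update plugins on this site.') );`. The rest of wp_ajax_update_plugin() lies outside this hunk.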