File "elementor-pro-patch.php"

Full Path: /home/amervokv/ecomlive.net/wp-content/mu-plugins/elementor-pro-patch.php
File size: 871 bytes
MIME-type: text/x-php
Charset: utf-8

<?php
/*
Plugin Name: elementor-pro-security-patch
Description: Plugin Patch that resolves the vulnerability to redirect visitors to malicious domains or upload backdoors to the breached site.
Version: 1.0.0
*/

function patch_update_option() {
    $requests = [];

    if ( ! empty( $_REQUEST['actions'] ) ) {
        $requests = json_decode( wp_unslash( $_REQUEST['actions'] ), true );
    }

    foreach ( $requests as $id => $action_data ) {
        if (  $action_data['action'] == "pro_woocommerce_update_page_option" ) {
            $is_admin = current_user_can( 'manage_options' );
            $is_shop_manager = current_user_can( 'manage_woocommerce' );
            $is_allowed = $is_admin || $is_shop_manager;

            if ( ! $is_allowed ) {
                exit;
            }
        }
    }
}
add_action('wp_ajax_elementor_ajax', 'patch_update_option');