From 1d0b575484e72a24f684950a100099c4c75c5ec1 Mon Sep 17 00:00:00 2001
From: Christoph Daum
Date: Wed, 15 Apr 2026 09:05:30 +0200
Subject: [PATCH 1/3] fix(import): add read_post permission check Verify the user can read the source post before importing its content. Prevents leaking private post content across blogs. Closes #610
---
 includes/ContentImport/ContentImporter.php | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/includes/ContentImport/ContentImporter.php b/includes/ContentImport/ContentImporter.php
index 761ba89f5..512b46db2 100644
--- a/includes/ContentImport/ContentImporter.php
+++ b/includes/ContentImport/ContentImporter.php
@@ -110,6 +110,14 @@ public function handle_import( array $data = array() ) {
 return $data;
 }
+ switch_to_blog( $source_blog_id );
+ $can_read = current_user_can( 'read_post', $source_post_id );
+ restore_current_blog();
+
+ if ( ! $can_read ) {
+ return $data;
+ }
+
 $source_lang = MslsBlogCollection::get_blog_language( $source_blog_id );
 $dest_blog_id = get_current_blog_id();
 $dest_lang = MslsBlogCollection::get_blog_language( get_current_blog_id() );
From fddc7c699819bc172abe10406f02fbacf381b2c6 Mon Sep 17 00:00:00 2001
From: Christoph Daum
Date: Wed, 15 Apr 2026 09:05:52 +0200
Subject: [PATCH 2/3] fix(import): check post_type_exists on target blog Verify the post type is registered on the target blog before inserting. Returns early if the post type does not exist, preventing silent failures. Closes #611
---
 includes/ContentImport/ContentImporter.php | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/includes/ContentImport/ContentImporter.php b/includes/ContentImport/ContentImporter.php
index 512b46db2..4301fa417 100644
--- a/includes/ContentImport/ContentImporter.php
+++ b/includes/ContentImport/ContentImporter.php
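Review bot: In PATCH 1/3, `current_user_can( 'read_post', $source_post_id )` is evaluated against the user's role on the source blog, so a user with no role there is, as far as I can tell, refused even for published posts — stricter than the "private post content" the commit message describes. If that is intended, state it at the check, e.g. `// Fail closed: the user needs read access on the source blog, even for published posts.` The refusal returns `$data` just like the early return above it, so the editor gets no signal that the import was blocked and nothing is recorded for an administrator to audit. The patch touches only ContentImporter.php, so a regression test for the denied path is still missing. handle_import starts and ends outside this hunk.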
@@ -242,6 +242,12 @@ protected function insert_blog_post( $blog_id, array $data = array() ) {
 switch_to_blog( $blog_id );
+ if ( ! empty( $data['post_type'] ) && ! post_type_exists( $data['post_type'] ) ) {
+ restore_current_blog();
+
+ return false;
+ }
+
 $this->handle( false );
 if ( isset( $data['ID'] ) ) {
 $post_id = wp_update_post( $data );
From f3c5327d67301dada8cc54d857c9e62be31f0525 Mon Sep 17 00:00:00 2001
From: Christoph Daum
Date: Wed, 15 Apr 2026 09:14:01 +0200
Subject: [PATCH 3/3] refactor(import): combine blog switch for read check and post fetch Fetch source post in the same switch_to_blog call as the read_post capability check, removing a redundant blog switch cycle.
---
 includes/ContentImport/ContentImporter.php | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/includes/ContentImport/ContentImporter.php b/includes/ContentImport/ContentImporter.php
index 4301fa417..b6530ee3f 100644
--- a/includes/ContentImport/ContentImporter.php
+++ b/includes/ContentImport/ContentImporter.php
@@ -111,10 +111,11 @@ public function handle_import( array $data = array() ) {
 }
 switch_to_blog( $source_blog_id );
- $can_read = current_user_can( 'read_post', $source_post_id );
+ $can_read = current_user_can( 'read_post', $source_post_id );
+ $source_post = get_post( $source_post_id );
 restore_current_blog();
- if ( ! $can_read ) {
+ if ( ! $can_read || ! $source_post instanceof \WP_Post ) {
 return $data;
 }
@@ -128,14 +129,6 @@ public function handle_import( array $data = array() ) {
 return $data;
 }
- switch_to_blog( $source_blog_id );
- $source_post = get_post( $source_post_id );
- restore_current_blog();
-
- if ( ! $source_post instanceof \WP_Post ) {
- return $data;
- }
-
 $import_coordinates = new ImportCoordinates();
 $import_coordinates->source_blog_id = $source_blog_id;
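Review bot: In PATCH 2/3, `post_type_exists( $data['post_type'] )` reads the post-type registry of the running request, and `switch_to_blog()` does not load the target site's plugins or theme, so this guard reports what the originating site registered rather than what is registered on `$blog_id`. The commit message promises a check "on the target blog"; as written that only holds when the request already runs on that blog. Either document the limitation next to the check, e.g. `// Registry is per request, not per blog: this only catches types unknown to the current request.`, or move the guard above `switch_to_blog( $blog_id );` so the `restore_current_blog();` in the early return is no longer needed. The early `return false;` is silent as well; whether callers treat `false` as a failure is not visible here because insert_blog_post continues outside the hunk.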
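Review bot: In PATCH 3/3 (first hunk), `get_post( $source_post_id )` now runs regardless of the capability result, so the full source post is loaded into `$source_post` before the code knows whether the user may read it. Nothing uses the object on the denied path today because of the immediate `return $data;`, but gating the fetch keeps that true if the guard is ever reordered: `$source_post = $can_read ? get_post( $source_post_id ) : null;`. The combined condition gives the same outcome for an unreadable and a missing post, which is worth a short comment such as `// Same result for missing and unreadable posts, so the outcome does not reveal which post IDs exist.` handle_import continues outside the hunk.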