From a0922a8e998223ddf97ff6c6aa42c59668142196 Mon Sep 17 00:00:00 2001
From: Aaron Campbell <aaron@xavisys.com>
Date: Mon, 6 Mar 2017 13:03:54 +0000
Subject: [PATCH] Plugins: Add file check to plugin deletions.

Merges [40169] to 4.1 branch.


Built from https://develop.svn.wordpress.org/branches/4.1@40176


git-svn-id: http://core.svn.wordpress.org/branches/4.1@40115 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/plugins.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/wp-admin/plugins.php b/wp-admin/plugins.php
index afc83bb425..f12f9a2b4a 100644
--- a/wp-admin/plugins.php
+++ b/wp-admin/plugins.php
@@ -226,6 +226,14 @@ if ( $action ) {
 				exit;
 			}
 
+			// Bail on all if any paths are invalid.
+			// validate_file() returns truthy for invalid files
+			$invalid_plugin_files = array_filter( $plugins, 'validate_file' );
+			if ( $invalid_plugin_files ) {
+				wp_redirect( self_admin_url("plugins.php?plugin_status=$status&paged=$page&s=$s") );
+				exit;
+			}
+
 			include(ABSPATH . 'wp-admin/update.php');
 
 			$parent_file = 'plugins.php';