Editor tried to change Theme and now is blocked

What was the email message, i.e., the reason why you were blocked?

It seems that you have modified the Editor capabilities and allowed them to change theme, is that correct?

Hi,
thanks for your answer. This was the email:

NinjaFirewall has blocked an attempt to modify a user capability by someone who does not have administrative privileges:

Blog: https://domain.ch/
Username: User, ID: xy
meta_key: th_capabilities
meta_value: a:2:{s:6:”editor”;b:1;s:15:”bbp_participant”;b:1;}

User IP: 195.48.34.47
SCRIPT_FILENAME: /home/path/domain/wp-admin/index.php
REQUEST_URI: /wp-admin/
Date: January 17, 2020 @ 10:41:55 (UTC +0100)

A PHP backtrace has been attached to this message for your convenience.

This protection (and notification) can be turned off from NinjaFirewall “Firewall Policies” page.

Sorry, don’t really remember, what happenend. Possible I was logged in in several Tabs as admin. Logged out, logged in as editor and switched to an Tab where I was logged in as admin where Design/Themes was open and I didn’t realize, that editor have no privileges for this. The basic privileges of editors are not changed.

Is there a way to delete this blocking?

thanks
Gerd

That would explain why you were blocked by the firewall.

Is there a way to delete this blocking?

The user shouldn’t be blocked: NinjaFirewall only blocked the privilege escalation attempt, but it didn’t blacklist the Editor user. You should be able to log in as usual.