From dd907ab9cf3cb03496c6b2dadbb449530672481b Mon Sep 17 00:00:00 2001
From: saratheonline <saratheonline@gmail.com>
Date: Thu, 9 Apr 2026 15:31:59 +0530
Subject: [PATCH] REST API: Fix incorrect 403 status code for invalid post ID
 in Comments controller.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

`update_item()` was returning HTTP 403 (Forbidden) when a non-existent
  post ID was provided. The correct status is 404 (Not Found), as the
  resource is missing — not access-restricted.

  This also makes `update_item()` consistent with `get_item()` in the
  same controller, which already returns 404 for the same scenario.
---
 .../rest-api/endpoints/class-wp-rest-comments-controller.php    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
index f462928847c77..facd23ac02421 100644
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php
@@ -920,7 +920,7 @@ public function update_item( $request ) {
 				return new WP_Error(
 					'rest_comment_invalid_post_id',
 					__( 'Invalid post ID.' ),
-					array( 'status' => 403 )
+					array( 'status' => 404 )
 				);
 			}
 		}