diff --git a/src/wp-admin/includes/class-wp-comments-list-table.php b/src/wp-admin/includes/class-wp-comments-list-table.php
index b9eb0c2052090..1433818ccfb4f 100644
--- a/src/wp-admin/includes/class-wp-comments-list-table.php
+++ b/src/wp-admin/includes/class-wp-comments-list-table.php
@@ -654,6 +654,19 @@ public function single_row( $item ) {
$this->user_can = current_user_can( 'edit_comment', $comment->comment_ID );
+ $edit_post_cap = $post ? 'edit_post' : 'edit_posts';
+ if (
+ current_user_can( $edit_post_cap, $comment->comment_post_ID ) ||
+ (
+ empty( $post->post_password ) &&
+ current_user_can( 'read_post', $comment->comment_post_ID )
+ )
+ ) {
+ // The user has access to the post
+ } else {
+ return false;
+ }
+
echo "\n";
diff --git a/src/wp-admin/includes/class-wp-list-table.php b/src/wp-admin/includes/class-wp-list-table.php
index fefb69380e121..b3aebd9643cdf 100644
--- a/src/wp-admin/includes/class-wp-list-table.php
+++ b/src/wp-admin/includes/class-wp-list-table.php
@@ -851,6 +851,20 @@ protected function comments_bubble( $post_id, $pending_comments ) {
$pending_comments_number
);
+ $post_object = get_post( $post_id );
+ $edit_post_cap = $post_object ? 'edit_post' : 'edit_posts';
+ if (
+ current_user_can( $edit_post_cap, $post_id ) ||
+ (
+ empty( $post_object->post_password ) &&
+ current_user_can( 'read_post', $post_id )
+ )
+ ) {
+ // The user has access to the post and thus can see comments
+ } else {
+ return false;
+ }
+
if ( ! $approved_comments && ! $pending_comments ) {
// No comments at all.
printf(
diff --git a/src/wp-admin/includes/dashboard.php b/src/wp-admin/includes/dashboard.php
index 31eba07a2dc63..5b5042394965c 100644
--- a/src/wp-admin/includes/dashboard.php
+++ b/src/wp-admin/includes/dashboard.php
@@ -1109,7 +1109,16 @@ function wp_dashboard_recent_comments( $total_items = 5 ) {
echo '';