[wp-trac] [WordPress Trac] #5487: query.php mistakenly uses is_admin() to check for admin privileges

WordPress Trac wp-trac at lists.automattic.com
Wed Dec 19 15:37:04 GMT 2007


#5487: query.php mistakenly uses is_admin() to check for admin privileges
-----------------------+----------------------------------------------------
 Reporter:  pishmishy  |       Owner:  pishmishy     
     Type:  defect     |      Status:  new           
 Priority:  high       |   Milestone:  2.4           
Component:  Security   |     Version:  2.3.1         
 Severity:  major      |    Keywords:  query is_admin
-----------------------+----------------------------------------------------
 1. Create a draft post
 2. Log out
 3. Visit http://yourblog.com/index.php/wp-admin/
  - is_admin() spots the wp-admin in the request and returns true
  - query.php uses is_admin() to decide to return future, draft or pending posts
 4. Future, draft and pending posts are displayed.

 This doesn't require the ' in the request string as reported on Bugtraq.

 See http://www.securityfocus.com/archive/1/485252/30/0/threaded

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5487>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
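The following stand-alone PHP script is an added illustration of the bug the ticket describes; it is not code from WordPress or from the reporter. It models two ways of deciding whether unpublished post statuses may be returned: a check that only looks at the request path (the behaviour the ticket attributes to is_admin(), reduced here to a substring test on the URI, which is an assumption for the example), and a check that asks whether the current user actually holds an editing privilege. The request contexts and the $user_can_edit flag are constructed inputs; in a real WordPress install that flag would come from a capability check such as current_user_can().

```php
<?php
// Added example modelling ticket #5487; not WordPress code.
// Imitates the assumption the ticket describes: any request whose URI
// contains "wp-admin/" is treated as an admin-screen request. The substring
// test is a simplification chosen for this example.
function path_looks_like_admin(string $request_uri): bool
{
    return stripos($request_uri, 'wp-admin/') !== false;
}

// Decide which post statuses a query may return.
//   $request_uri   the path the client requested (constructed for the example)
//   $user_can_edit whether an authenticated user with edit rights is attached;
//                  stands in for a capability check, so the script runs offline
//   $use_path_check true = trust the path (the buggy approach),
//                   false = trust the user's privilege (the correct approach)
function allowed_statuses(string $request_uri, bool $user_can_edit, bool $use_path_check): array
{
    $statuses = ['publish'];
    $privileged = $use_path_check ? path_looks_like_admin($request_uri) : $user_can_edit;
    if ($privileged) {
        // Unpublished content: must only be visible to privileged users.
        $statuses = array_merge($statuses, ['future', 'draft', 'pending']);
    }
    return $statuses;
}

// Step 3 of the ticket: a logged-out visitor requests /index.php/wp-admin/.
$anonymous_uri = '/index.php/wp-admin/';
echo "logged out, path-based:       ",
     implode(',', allowed_statuses($anonymous_uri, false, true)), "\n";
echo "logged out, capability-based: ",
     implode(',', allowed_statuses($anonymous_uri, false, false)), "\n";

// A genuine editor on a front-end URL: the path check denies them,
// the capability check grants them, which is the behaviour that was wanted.
$front_uri = '/index.php';
echo "editor, path-based:           ",
     implode(',', allowed_statuses($front_uri, true, true)), "\n";
echo "editor, capability-based:     ",
     implode(',', allowed_statuses($front_uri, true, false)), "\n";
```

Running it shows the first line listing publish,future,draft,pending for an unauthenticated request, which is exactly step 4 of the ticket, while the capability-based variant returns only publish for that request and reserves the unpublished statuses for the user who holds the privilege. The general point is that anything derived from the request path (URL, query string, headers) is attacker-controlled and cannot stand in for an authorization decision.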

