[wp-trac] [WordPress Trac] #4353: Users with edit_posts capability can see everyone's comments, IPs, and email addresses
WordPress Trac
wp-trac at lists.automattic.com
Wed Sep 9 21:00:44 UTC 2009
#4353: Users with edit_posts capability can see everyone's comments, IPs, and
email addresses
----------------------------------------------------------+-----------------
Reporter: idahofallzcom | Owner: markjaquith
Type: enhancement | Status: reopened
Priority: high | Milestone: 2.9
Component: Comments | Version: 2.7
Severity: normal | Resolution:
Keywords: needs-patch reporter-feedback needs-testcase |
----------------------------------------------------------+-----------------
Changes (by hakre):
* keywords: comments edit_posts IP email privacy subscriber author
role_manager => needs-patch reporter-feedback
needs-testcase
Comment:
Tested against 2.9-bleeding with a user having the subscribers role. That
user can not access ''wp-admin/edit-comments.php'' and therefore is unable
to edit comments.
Is there a testcase to actually figure out that this is something else
then worksforme? if not this should be closed.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/4353#comment:14>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list