[wp-trac] [WordPress Trac] #11810: Some users able to comment on unpublished posts

WordPress Trac wp-trac at lists.automattic.com
Thu Jan 7 17:26:50 UTC 2010


#11810: Some users able to comment on unpublished posts
--------------------------+-------------------------------------------------
 Reporter:  ericmann      |       Owner:       
     Type:  defect (bug)  |      Status:  new  
 Priority:  normal        |   Milestone:  2.9.2
Component:  Comments      |     Version:  2.9.1
 Severity:  normal        |    Keywords:       
--------------------------+-------------------------------------------------

Comment(by ericmann):

 I tested the following post types:
 Published
 Scheduled
 Draft
 Private
 Password Protected

 If you load the comments form in Firefox, you can manually edit the hidden
 field 'comment_post_ID' and input any post ID you want.  If the post ID
 you're entering belongs to a published, scheduled, or password protected
 post, your comment goes through.

 If the ID belongs to a draft or private post, though, you get an error.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11810#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list