[theme-reviewers] Exposing admin urls
edward.caissie at gmail.com
Fri May 17 23:22:17 UTC 2013
As a *recommendation* for Theme Authors to check, sure ... especially if
there are relevant links to the codex and/or examples on how to avoid the
On Fri, May 17, 2013 at 8:39 AM, Chip Bennett <chip at chipbennett.net> wrote:
> Is this an opportunity for clarification/elaboration in the Theme Security
> section of the Guidelines?
> On Fri, May 17, 2013 at 8:26 AM, Edward Caissie <edward.caissie at gmail.com>wrote:
>> A recommendation for the next release would likely suffice ... it may
>> have just been an over-sight on the Theme-Authors part to not wrap the link
>> in a conditional.
>> Edward Caissie
>> aka Cais.
>> On Fri, May 17, 2013 at 7:46 AM, esmi at quirm dot net <esmi at quirm.net>wrote:
>>> on 17/05/2013 12:15 Srikanth Koneru said the following:
>>> was asked to wrap current_user_can('edit_theme_**options') around an
>>>> url once, so you are not being picky :)
>>>> You can ask the theme author to display that message only for admin of
>>> Thanks. I'll make this a recommended step for a future update unless
>>> anyone else feels it's a show stopper.
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.**wordpress.org<theme-reviewers at lists.wordpress.org>
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the theme-reviewers