[wp-trac] Re: [WordPress Trac] #3410: Security : wp-admin/users.php
No role user can list all wp users
WordPress Trac
wp-trac at lists.automattic.com
Thu Nov 30 10:53:48 GMT 2006
#3410: Security : wp-admin/users.php No role user can list all wp users
------------------------------------------+---------------------------------
Reporter: devil1591 | Owner: westi
Type: defect | Status: assigned
Priority: highest | Milestone: 2.1
Component: Security | Version: 2.1
Severity: critical | Resolution:
Keywords: security users.php has-patch |
------------------------------------------+---------------------------------
Comment (by westi):
2.0.5 / branches/2.0 is safe from this issue already:
"You do not have sufficient permissions to access this page." - protected
by the menu.php capabilities checks.
--
Ticket URL: <http://trac.wordpress.org/ticket/3410#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list