[wp-trac] [WordPress Trac] #5487: query.php mistakenly uses is_admin() to check for admin privileges
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 19 15:37:04 GMT 2007
#5487: query.php mistakenly uses is_admin() to check for admin privileges
-----------------------+----------------------------------------------------
 Reporter:  pishmishy  |       Owner:  pishmishy
     Type:  defect     |      Status:  new
 Priority:  high       |   Milestone:  2.4
Component:  Security   |     Version:  2.3.1
 Severity:  major      |    Keywords:  query is_admin
-----------------------+----------------------------------------------------
1. Create a draft post
2. Log out
3. Visit http://yourblog.com/index.php/wp-admin/
  - is_admin() spots the wp-admin in the request and returns true
  - query.php uses is_admin() to decide to return future, draft or pending posts
4. Future, draft and pending posts are displayed.
This doesn't require the ' in the request string as reported on Bugtraq.
See http://www.securityfocus.com/archive/1/485252/30/0/threaded
--
Ticket URL: <http://trac.wordpress.org/ticket/5487>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
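The flaw the ticket describes, shown as an added illustration rather than WordPress code: a post-status filter gated on a flag derived from the request URI beside the same filter gated on an authenticated capability. The function names (looks_like_admin_request, can_read_unpublished, visible_statuses, filter_posts), the sample posts and the session shape are all constructed for this example; only the "wp-admin/" substring test and the publish/future/draft/pending statuses come from the ticket.

```php
<?php
// Added illustration, not WordPress code. Shows why a request-context check
// is not an authorization check. Every function, the $posts array and the
// visitor session below are constructed for this example.

// Context check: "does this request look like it is for the admin area?"
// It depends only on the request URI, which any visitor can shape at will.
function looks_like_admin_request(string $request_uri): bool {
    return stripos($request_uri, 'wp-admin/') !== false;
}

// Authorization check: "may the caller read unpublished posts?"
// It depends on the authenticated session, which a logged-out visitor lacks.
function can_read_unpublished(?array $session): bool {
    return $session !== null && in_array('edit_posts', $session['caps'], true);
}

// Statuses a query may return, given whether the caller is privileged.
function visible_statuses(bool $privileged): array {
    return $privileged
        ? ['publish', 'future', 'draft', 'pending']
        : ['publish'];
}

// Keep only posts whose status is in the permitted list.
function filter_posts(array $posts, array $statuses): array {
    return array_values(array_filter(
        $posts,
        fn(array $p): bool => in_array($p['post_status'], $statuses, true)
    ));
}

// Constructed sample data: one published post and three unpublished ones.
$posts = [
    ['ID' => 1, 'post_title' => 'Hello world',          'post_status' => 'publish'],
    ['ID' => 2, 'post_title' => 'Unfinished thoughts',  'post_status' => 'draft'],
    ['ID' => 3, 'post_title' => 'Scheduled for Friday', 'post_status' => 'future'],
    ['ID' => 4, 'post_title' => 'Awaiting review',      'post_status' => 'pending'],
];

// The ticket's reproduction: a logged-out visitor (no session) whose
// request URI merely contains "wp-admin/".
$request_uri = '/index.php/wp-admin/';
$session     = null;

// Gate 1: the URI-derived flag the ticket reports. Leaks all four posts.
$leaky = filter_posts($posts, visible_statuses(looks_like_admin_request($request_uri)));

// Gate 2: the authenticated capability. Returns only the published post.
$correct = filter_posts($posts, visible_statuses(can_read_unpublished($session)));

printf("URI-gated query returns %d post(s): %s\n",
    count($leaky), implode(', ', array_column($leaky, 'post_status')));
printf("Capability-gated query returns %d post(s): %s\n",
    count($correct), implode(', ', array_column($correct, 'post_status')));
```

The point for reviewers of similar code: a function that answers "which part of the site is being requested" is a routing or presentation helper; the decision to reveal non-public data must come from a check bound to the authenticated identity, never from anything the client places in the URL.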