[wp-trac] Re: [WordPress Trac] #5487: query.php mistakenly uses
is_admin() to check for admin privileges
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 19 17:19:28 GMT 2007
#5487: query.php mistakenly uses is_admin() to check for admin privileges
---------------------------------------------------+------------------------
Reporter: pishmishy | Owner: pishmishy
Type: defect | Status: assigned
Priority: high | Milestone: 2.4
Component: Security | Version: 2.3.1
Severity: major | Resolution:
Keywords: query is_admin has-patch dev-feedback |
---------------------------------------------------+------------------------
Comment (by ryan):
Actually, edit-pages.php and edit.php filter the results of the is_admin()
query. So I think all we need is a proper is_admin() check and not any
cap checks.
--
Ticket URL: <http://trac.wordpress.org/ticket/5487#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list