[wp-trac] [WordPress Trac] #10246: New Security check for plugins
pages breaks backwards-compatible redirects
WordPress Trac
wp-trac at lists.automattic.com
Tue Jun 23 17:13:57 GMT 2009
#10246: New Security check for plugins pages breaks backwards-compatible redirects
--------------------------+-------------------------------------------------
Reporter: filosofo | Owner: ryan
Type: defect (bug) | Status: new
Priority: high | Milestone: 2.8.1
Component: Menus | Version: 2.8
Severity: major | Keywords: has-patch user_can_access_admin_page
--------------------------+-------------------------------------------------
[11595] and [11596] introduced checks to make sure that one can load only
plugin pages that have been registered.
The problem is that it fails before the backwards-compatible redirect has
a chance to do its thing. That backwards-compat redirect, in wp-
admin/admin.php, makes sure that plugins pointing at edit.php?* get
redirected to the 2.7+ tools.php pages.
Patch adds an entry in $_registered_pages for 'edit.php'-based hooknames
for each 'tools.php'-based hookname.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10246>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list