[wp-trac] [WordPress Trac] #10310: add_menu_page Security Bug
WordPress Trac
wp-trac at lists.automattic.com
Sat Jan 16 07:51:54 UTC 2010
#10310: add_menu_page Security Bug
----------------------------------+-----------------------------------------
Reporter: shazahm1@… | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 2.8.1
Component: Menus | Version: 2.8
Severity: major | Resolution: fixed
Keywords: |
----------------------------------+-----------------------------------------
Comment(by miqrogroove):
> They are roles. That could be the problem.
Nah, the $access_level parameter has never been implemented for
add_menu_page. wp-admin/menu.php displays all top level menus unless all
children are forbidden. The hooks for those top level pages are totally
unchecked.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10310#comment:11>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list