[wp-trac] [WordPress Trac] #10310: add_menu_page Security Bug
WordPress Trac
wp-trac at lists.automattic.com
Sat Jan 16 08:32:20 UTC 2010
#10310: add_menu_page Security Bug
----------------------------------+-----------------------------------------
Reporter: shazahm1@… | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 2.8.1
Component: Menus | Version: 2.8
Severity: major | Resolution: fixed
Keywords: |
----------------------------------+-----------------------------------------
Comment(by nacin):
Replying to [comment:13 miqrogroove]:
> Wow it's happening with some roles and not others. Isn't that
something...
What you might be noticing is this. On an admin user:
{{{
var_dump( current_user_can('administrator') ); // bool(true)
var_dump( current_user_can('editor') ); // bool(false)
}}}
Which seems to makes sense, as we don't compare the caps assigned to two
roles in core.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10310#comment:14>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list