[wp-trac] [WordPress Trac] #14986: Make WordPress roles/capabilities more secure (edit_users related)
WordPress Trac
wp-trac at lists.automattic.com
Thu Jan 13 11:22:33 UTC 2011
#14986: Make WordPress roles/capabilities more secure (edit_users related)
-----------------------------+-----------------------------
Reporter: Otto42 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: |
-----------------------------+-----------------------------
Comment (by designbymerovingi):
My solution to this issue is to add && current_user_can('promote_users')
on line 229 (wp 3.0.3) to solve the "editors should not promote" problem.
Why are we not utilizing promote_users more?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14986#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list