[wp-trac] [WordPress Trac] #23939: Wrong capability check in wp_ajax_replyto_comment
WordPress Trac
noreply at wordpress.org
Thu Apr 4 19:06:26 UTC 2013
#23939: Wrong capability check in wp_ajax_replyto_comment
--------------------------+------------------------------
Reporter: fgauthier | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch |
--------------------------+------------------------------
Comment (by fgauthier):
I may be confused, but wp_ajax_replyto_comment is called from the admin ->
comments console when the admin clicks the reply link of a comment, not a
post.
This function allows the admin to reply to a comment and potentially
approve the comment to which he is replying to.
It seems to me that we have a comment to check against, not a post.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23939#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list