[wp-trac] [WordPress Trac] #23939: Wrong capability check in wp_ajax_replyto_comment
WordPress Trac
noreply at wordpress.org
Sun Jul 5 18:48:40 UTC 2015
#23939: Wrong capability check in wp_ajax_replyto_comment
-----------------------------------+-----------------------------
Reporter: fgauthier | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Comments | Version: 3.1
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion | Focuses:
-----------------------------------+-----------------------------
Changes (by rachelbaker):
* keywords: has-patch => has-patch 2nd-opinion
* milestone: Awaiting Review => Future Release
Comment:
When replying to an unapproved comment in the Dashboard->Comments list-
table the parent comment is also automatically approved, this is where the
`edit_comment` check is needed. I left the original `edit_post`
capability check and added the (slightly redundant) `edit_comment` check
only when the comment is being moderated along with the reply.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/23939#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list