[wp-trac] [WordPress Trac] #40193: wp_ajax_crop_image capability checks too strict
WordPress Trac
noreply at wordpress.org
Sat Aug 19 13:18:59 UTC 2017
#40193: wp_ajax_crop_image capability checks too strict
-------------------------------------+-----------------------------
Reporter: Cybr | Owner: johnbillion
Type: defect (bug) | Status: reviewing
Priority: normal | Milestone: 4.9
Component: Media | Version: 4.3
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses: administration
-------------------------------------+-----------------------------
Changes (by johnbillion):
* owner: => johnbillion
* status: new => reviewing
* milestone: Awaiting Review => 4.9
Comment:
`wp_ajax_imgedit_preview()` and `wp_ajax_image_editor()` both use
`current_user_can( 'edit_post', $post_id )` as the capability check.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40193#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list