[wp-trac] [WordPress Trac] #50023: major core flaw in comments system found today 28 April 2020 16:00 GMT +3
WordPress Trac
noreply at wordpress.org
Tue Apr 28 13:52:29 UTC 2020
#50023: major core flaw in comments system found today 28 April 2020 16:00 GMT +3
-----------------------------+------------------------------
Reporter: marciancarutasu | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version:
Severity: major | Resolution:
Keywords: close | Focuses: privacy
-----------------------------+------------------------------
Comment (by marciancarutasu):
Hi @knutsp . I totally agree but hear me out a bit. Admins own the site,
but nobody has the ability to speak on my behalf.
a comment comming from "randomuser at gmail.com", if edited and moderated by
an admin, that edit has to be visible. "edited by admin". Even that I
think is 'illegal' in terms of privacy.
If I have 10 milion visitors a day, 1 milion of them could read something
I have never said, or turn a bad review into a good one, but untrue and
nobody would know.
Replying to [comment:2 knutsp]:
> Hello @marciancarutasu, welcome to Trac and thank you for the ticket.
>
> WordPress is self hosted, the the admin owns the site wit all it's
content.
> Admin users can edit any content on a site. Even if WordPress did not
allow it, they will usually also have access to alter the database content
as they wish.
>
> So this is how WordPress, and all self hosted software, work. The owner
has all access.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50023#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list