[wp-trac] [WordPress Trac] #50024: comments section bug

WordPress Trac noreply at wordpress.org
Tue Apr 28 14:37:52 UTC 2020


#50024: comments section bug
-----------------------------+-----------------------------
 Reporter:  marciancarutasu  |      Owner:  (none)
     Type:  defect (bug)     |     Status:  new
 Priority:  normal           |  Milestone:  Awaiting Review
Component:  Comments         |    Version:
 Severity:  major            |   Keywords:
  Focuses:  privacy          |
-----------------------------+-----------------------------
 admins can edit comments on users behalf without their consent.
 I comment from "marciancarutasu at gmail.com", "I do not like your food"
 admin currently have the ability to change it into: "I love your food".
 No comment has been edited flag.
 On a larger scale can become a major security flaw.

 facebook allows comments to be approved or dissaproved, deleted even but
 not edited.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/50024>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list