#2389 closed defect (bug) (fixed)
users can edit their published posts via backend editing (even after editing should not be possible any more), make them sticky if they want, change published date etc.
Reported by: | quan_flo | Owned by: | johnjamesjacoby |
---|---|---|---|
Milestone: | 2.4 | Priority: | highest omg sweet tea |
Severity: | blocker | Version: | 2.3.2 |
Component: | API - Roles/Capabilities | Keywords: | |
Cc: | stephen@… |
Description
see http://bbpress.org/forums/topic/users-can-edit-their-published-posts-via-backend-editing/
This is a demonstration of the (as I think) bug.
Attachments (2)
Change History (11)
#2
@
11 years ago
- Cc stephen@… added
The link works for me, you can also see the post as a 'sticky' at the top of the forums http://bbpress.org/forums/
#3
@
11 years ago
Thanks @netweb I see it now.. and It's really cool :D
I will try to make a fix patch..
#4
@
11 years ago
hmmm.. I guess it's a security bug, is it safe to publish it here?! or even in the support forums ?!
#5
@
11 years ago
@quan_flo, Can you test the patch above 2389.patch ?
In also I think it's a WordPress bug, becuase they should
check the post type show_ui argument or something like that.
#7
@
11 years ago
- Owner set to johnjamesjacoby
- Resolution set to fixed
- Status changed from new to closed
In 5079:
404 error, The link is invaild :(