#3164 closed defect (bug) (fixed)
Editing after time limit via direct URL
Reported by: | Clorith | Owned by: | johnjamesjacoby |
---|---|---|---|
Milestone: | 2.6 | Priority: | normal |
Severity: | major | Version: | 2.5.14 |
Component: | API - Roles/Capabilities | Keywords: | has-patch |
Cc: |
Description
If you access the edit screen for a post or topic by appending /edit
to the URL you can make changes to your own post/topic after the time limit defined in wp-admin has passed.
The time limit appears to only hide the edit link from the hover-menu.
Attachments (1)
Change History (6)
Note: See
TracTickets for help on using
tickets.
Good catch. Thanks @SergeyBiryukov for the patch. I'm going to take a slightly different approach (we can bump up the
moderator
capability check to avoid duplicating it.)