WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#2776 closed defect (bug) (fixed)

Editing other users is not properly nonced

Reported by: markjaquith Owned by: markjaquith
Priority: normal Milestone:
Component: Administration Version: 2.0.2
Severity: normal Keywords: nonce has-patch commit
Cc:

Description

If you edit another user's profile/information, you get the "Are you sure?" prompt. Attached patch fixes it.

#2761 compounds matters, naturally.

Version: 2.0.3

Attachments (1)

correctly_nonce_user_editing.diff (555 bytes) - added by markjaquith 7 years ago.
patch for /branches/2.0/

Download all attachments as: .zip

Change History (6)

markjaquith7 years ago

patch for /branches/2.0/

comment:1 markjaquith7 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

I updated my "WordPress 2.0.3 Tuneup" plugin to fix this issue (version 0.2), so WordPress 2.0.3 users aren't stuck with this annoyance until our next release.

http://txfx.net/code/wordpress/wordpress-203-tuneup/

comment:2 ryan7 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [3838]) Edit profile nonce fix from markjaquith. fixes #2776

comment:3 ryan7 years ago

  • Resolution set to fixed

(In [3839]) Edit profile nonce fix from markjaquith. fixes #2776

comment:4 ryan7 years ago

  • Milestone set to 2.0.4

comment:5 anonymous7 years ago

  • Milestone 2.0.4 deleted

Milestone 2.0.4 deleted

Note: See TracTickets for help on using tickets.