WordPress.org

Make WordPress Core

Opened 5 years ago

Last modified 5 years ago

#16129 closed defect (bug)

Incorrect cap check in wp-admin/includes/comment.php : edit_comment() — at Version 1

Reported by: westi Owned by:
Milestone: 3.1 Priority: normal
Severity: normal Version: 3.1
Component: Administration Keywords: has-patch commit
Focuses: Cc:

Description (last modified by ocean90)

Checks current_user_can( 'edit_post', $comment_post_ID )

But should be current_user_can( 'edit_comment', (int) $_POST['comment_ID'] )

Change History (3)

comment:1 @ocean905 years ago

  • Description modified (diff)

@casben795 years ago

Changed

@casben795 years ago

Patch File

Note: See TracTickets for help on using tickets.