Make WordPress Core

Opened 19 years ago

Closed 19 years ago

Last modified 10 months ago

#2776 closed defect (bug) (fixed)

Editing other users is not properly nonced

Reported by: markjaquith's profile markjaquith Owned by: markjaquith's profile markjaquith
Milestone: Priority: normal
Severity: normal Version: 2.0.2
Component: Administration Keywords: nonce has-patch commit
Focuses: Cc:

Description

If you edit another user's profile/information, you get the "Are you sure?" prompt. Attached patch fixes it.

#2761 compounds matters, naturally.

Version: 2.0.3

Attachments (1)

correctly_nonce_user_editing.diff (555 bytes) - added by markjaquith 19 years ago.
patch for /branches/2.0/

Download all attachments as: .zip

Change History (6)

@markjaquith
19 years ago

patch for /branches/2.0/

#1 @markjaquith
19 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

I updated my "WordPress 2.0.3 Tuneup" plugin to fix this issue (version 0.2), so WordPress 2.0.3 users aren't stuck with this annoyance until our next release.

http://txfx.net/code/wordpress/wordpress-203-tuneup/

#2 @ryan
19 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [3838]) Edit profile nonce fix from markjaquith. fixes #2776

#3 @ryan
19 years ago

  • Resolution set to fixed

(In [3839]) Edit profile nonce fix from markjaquith. fixes #2776

#4 @ryan
19 years ago

  • Milestone set to 2.0.4

#5 @(none)
18 years ago

  • Milestone 2.0.4 deleted

Milestone 2.0.4 deleted

Note: See TracTickets for help on using tickets.