WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

Last modified 7 years ago

#2776 closed defect (bug) (fixed)

Editing other users is not properly nonced

Reported by: markjaquith Owned by: markjaquith
Milestone: Priority: normal
Severity: normal Version: 2.0.2
Component: Administration Keywords: nonce has-patch commit
Focuses: Cc:

Description

If you edit another user's profile/information, you get the "Are you sure?" prompt. Attached patch fixes it.

#2761 compounds matters, naturally.

Version: 2.0.3

Attachments (1)

correctly_nonce_user_editing.diff (555 bytes) - added by markjaquith 8 years ago.
patch for /branches/2.0/

Download all attachments as: .zip

Change History (6)

markjaquith8 years ago

patch for /branches/2.0/

comment:1 markjaquith8 years ago

  • Owner changed from anonymous to markjaquith
  • Status changed from new to assigned

I updated my "WordPress 2.0.3 Tuneup" plugin to fix this issue (version 0.2), so WordPress 2.0.3 users aren't stuck with this annoyance until our next release.

http://txfx.net/code/wordpress/wordpress-203-tuneup/

comment:2 ryan8 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [3838]) Edit profile nonce fix from markjaquith. fixes #2776

comment:3 ryan8 years ago

  • Resolution set to fixed

(In [3839]) Edit profile nonce fix from markjaquith. fixes #2776

comment:4 ryan8 years ago

  • Milestone set to 2.0.4

comment:5 anonymous7 years ago

  • Milestone 2.0.4 deleted

Milestone 2.0.4 deleted

Note: See TracTickets for help on using tickets.