Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#48895 closed defect (bug) (duplicate)

Anyone is able to access wp-admin to update the database when I update the core using wp-cli.

Reported by: ixkaito's profile ixkaito Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Database Keywords:
Focuses: administration Cc:


If I updated the core which requires database update via wp-cli, anyone would be able to access to update the database without login.

Change History (3)

#1 @dkarfa
4 years ago

Hi @ixkaito,
Can you give more context about it?

#2 @jeremyfelt
4 years ago

  • Component changed from Security to Database
  • Keywords needs-patch removed
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @ixkaito, thanks for opening a ticket.

I'm going to close this as a duplicate of #3901, as this is working as expected/designed and is not a security issue. Please see previous discussions on #3901 and #34200 for more background on the decision.

#3 @ixkaito
4 years ago

Thank you @jeremyfelt . I got it.

Note: See TracTickets for help on using tickets.