WordPress.org

Make WordPress Core

Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#5535 closed defect (bug) (fixed)

Limit post_password exposure in XML-RPC metaWeblog.getRecentPosts

Reported by: josephscott Owned by:
Milestone: 2.3.2 Priority: normal
Severity: normal Version: 2.3.2
Component: XML-RPC Keywords: has-patch
Focuses: Cc:

Description

Add checks to metaWeblog.getRecentPosts so that only users who can edit a post will be provided a post_password, if one is set.

Attachments (1)

xmlrpc.php.diff (589 bytes) - added by josephscott 8 years ago.

Download all attachments as: .zip

Change History (4)

@josephscott8 years ago

comment:1 @ryan8 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6496]) Limit post_password exposure. Props josephscott for the patch and xknown for the find. fixes #5535 for 2.4

comment:2 @ryan8 years ago

(In [6497]) Limit post_password exposure. Props josephscott for the patch and xknown for the find. fixes #5535 for 2.3

comment:3 @ryan8 years ago

  • Milestone changed from 2.4 to 2.3.2
Note: See TracTickets for help on using tickets.