Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Permissions issue! 1.12 #75

Closed
jcircle opened this Issue · 3 comments

4 participants

jcircle Konrad Sroka kusnob Slava UA
jcircle

On 1.12 if you are logged in and in the wp-admin as ANY user you can adjust the theme settings. This is a HUGE problem and needs addressed.

Slava UA slaFFik was assigned
Konrad Sroka

@slaFFik this would be high priority, like the content width thing..

Slava UA slaFFik closed this
kusnob

Uh ..i thought it was caused by http://wordpress.org/extend/plugins/user-meta-manager/
that I installed but it is not.
This security must be solved!!!...I try ad this code to function.php

function restrict_admin_with_redirect() {
if (!current_user_can('manage_options') && $_SERVER['PHP_SELF'] != '/wp-admin/admin-ajax.php') {
wp_redirect(site_url() ); exit;
}
}

add_action('admin_init', 'restrict_admin_with_redirect');

and results all user can not access their profile. I wonder where the user access limitation code inside the CC?

Konrad Sroka

Hi @kusnob, this issue should be fixed by the latest update I thought! Also saw the comment by @slaFFik..

@slaFFik wasn't it fixed? What do you think about the code posted here?

@kusnob did you test the latest version from GitHub here? Or do you use Pro version? New update for Pro and Free is on the way and will be published when some more of the urgent bugs are all fixed..

Thanks for your help and contribution! Konrad

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.