Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conflict classic editor - can view other user's draft and pending posts #8689

Closed
wykhuh opened this issue Jul 25, 2019 · 1 comment

Comments

@wykhuh
Copy link

commented Jul 25, 2019

Prerequisites

  • I have searched for similar issues in both open and closed tickets and cannot find a duplicate.
  • The issue still exists against the latest stable version of Elementor.

Description

Steps to reproduce

  1. Install and activate Elementor and Classic Editor.
  2. Create two users with 'contributor' role.
  3. Have admin and contributors make a draft and pending posts with classic editor. (3 users x 2 posts = 6 total posts)
  4. Login in with one of the contributors accounts.
  5. Visit the 'Posts' page. Click 'edit' for draft/pending posts from the other two users.

image

  1. The user can view the content of pending/draft posts from other users.

image

Expected behavior:

User should not be able to view the content of pending/draft post for other users when they click on 'edit'.

Isolating the problem

  • This bug happens with only Elementor plugin active (and Elementor Pro).
  • This bug happens with a default WordPress theme active.
  • I can reproduce this bug consistently using the steps above.

Environment

System Info ```

== Server Environment ==
Operating System: Linux
Software: nginx/1.14.0
MySQL version: MySQL Community Server (GPL) v5.7.23
PHP Version: 7.2.9
PHP Max Input Vars: 4000
PHP Max Post Size: 1000M
GD Installed: Yes
ZIP Installed: Yes
Write Permissions: All right
Elementor Library: Connected

== WordPress Environment ==
Version: 5.2.2
Site URL: http://foo.local
Home URL: http://foo.local
WP Multisite: No
Max Upload Size: 300 MB
Memory limit: 256M
Permalink Structure: /%postname%/
Language: en-US
Timezone: 0
Debug Mode: Inactive

== Theme ==
Name: Twenty Nineteen
Version: 1.4
Author: the WordPress team
Child Theme: No

== User ==
Role: administrator
WP Profile lang: en_US
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Safari/605.1.15

== Active Plugins ==
Classic Editor
Version: 1.5
Author: WordPress Contributors

Elementor
	Version: 2.6.6
	Author: Elementor.com

== Log ==
:

</details>
@shilo-ey

This comment has been minimized.

Copy link
Collaborator

commented Jul 30, 2019

This issue has been resolved in Elementor v2.6.7

Feel free to update

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.