Do not use this

  • This plugin crashed the security of a site, that members could access other member’s profiles.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support vupdraft

    (@vupdraft)

    Hi,

    It sounds like you had the option to servecache to logged in users checked.

    Uncheck this and you should not experience the issue

    Plugin Contributor Venkat Raj

    (@webulous)

    Hi

    If you turned on Serve cached pages to logged in users option (which tooltip says Enable this option if you do not have user-specific or restricted content on your website) You may have see admin bar at the top of page.

    Here is what happens, The first visitor to a particular page is a logged in user. The page is cached with admin bar. Then when another user visits the page, the cached page (with admin bar) is served to the user. This is a bug and will be fixed in the next release.

    However, you claim that it is a security breach which is not the case. Even though there is admin bar, if you try to visit the profile or dashboard, you’ll be greeted with login page, not restricted page/content.

    The only possibility I see is that, you are using the same browser for two or more different user accounts. In that case the login cookies are stored in your browser, so you won’t be greeted with login page because you are already a logged in user according to your browser.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Do not use this’ is closed to new replies.