Exploitable bug with drafts!

  • Resolved imielsen

    (@imielsen)


    8 years, 8 months ago

    Hi,

    As far as I can tell, there is a bug. (or perhaps of course there is something I have misunderstood) ??

    I have tested this with a user I created on my site. I have journalists create posts on the front-end of my site. I have enabled the posts to become ‘pending’ when they create a post.
    However when a user creates a draft (with the ‘save as draft’ enabled) and then edits the post (with ‘edit post’ enabled) The draft-post becomes automatically published, without any authorization from admins.

    This must be some kind of bug. Or do you know how I can surpass this issue?

    Both the ‘save as draft’ and ‘edit posts’ are pretty much necessities for my journalists when creating posts for the site.

    https://www.ads-software.com/plugins/wp-user-frontend/

Viewing 1 replies (of 1 total)
  • Plugin Author weDevs

    (@wedevs)

    Navigate to the form -> Edit Settings -> then set the settings for “Set Post Status to” option. This status will work when the user edits the posts.

Viewing 1 replies (of 1 total)
  • The topic ‘Exploitable bug with drafts!’ is closed to new replies.