Security problem

  • Resolved aurepons

    (@aurepons)


    8 years, 10 months ago

    Hi Jason,

    I have seen that you register the post type with public=>false attribute, but when I write post url at browser, or open the ‘view’ link in dashboard for any submission, I can see the complete content at front end !!!

    Maybe some users can be in trouble if their form submissions are public. I have tried to do ‘publicly_queryable’ => false, and it seems work, but not sure if this is enough.

    Could you give a look? Thanks and best regards.

    https://www.ads-software.com/plugins/contact-form-submissions/

Viewing 1 replies (of 1 total)
  • Plugin Author jasongreen

    (@jasongreen)

    Hi Aurepons

    Thanks for highlighting the issue. I have corrected and published an update to fix it.

Viewing 1 replies (of 1 total)
  • The topic ‘Security problem’ is closed to new replies.