WordPress.org

Ready to get started?Download WordPress

Forums

Shortcode Manager
Suggest increasing edit_pages to update_core (3 posts)

  1. Callum Macdonald
    Member
    Posted 3 years ago #

    Hola Matt,

    Thanks for sharing this plugin.

    You filter the menu item based on the permission edit_pages. In my opinion, that is too low a permission. This means anyone with editor level permissions can run any PHP, javascript or other code almost anywhere on the site. That's a *massive* security risk. In my opinion, this should be restricted to only the highest level admin on the blog.

    I recommend instead of using edit_pages you use update_core. This requires only a single change of edit_pages to update_core on line 76 of index.php.

    Love & joy - Callum.

    http://wordpress.org/extend/plugins/shortbus/

  2. logikal16
    Member
    Plugin Author

    Posted 3 years ago #

    Thanks, it's been implemented into the latest version.

  3. Callum Macdonald
    Member
    Posted 3 years ago #

    Great, glad I was able to help. :-)

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags