Shortcode Manager
Suggest increasing edit_pages to update_core (3 posts)

  1. Callum Macdonald
    Posted 5 years ago #

    Hola Matt,

    Thanks for sharing this plugin.

    You filter the menu item based on the permission edit_pages. In my opinion, that is too low a permission. This means anyone with editor level permissions can run any PHP, javascript or other code almost anywhere on the site. That's a *massive* security risk. In my opinion, this should be restricted to only the highest level admin on the blog.

    I recommend instead of using edit_pages you use update_core. This requires only a single change of edit_pages to update_core on line 76 of index.php.

    Love & joy - Callum.


  2. logikal16
    Plugin Author

    Posted 4 years ago #

    Thanks, it's been implemented into the latest version.

  3. Callum Macdonald
    Posted 4 years ago #

    Great, glad I was able to help. :-)

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Shortcode Manager
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic