First of all I thank you guys for develop this plugin. I need to say as well that I’m not a english speaker, so sorry about any ununderstandable line.
Let me explain the problem with security.
This plugin uses CSS classes to hide the content of wordpress, but every browser nowadays has an option to “inspect element”. With this option is possible to show everything the Adminimize hides, just unchecking the CSS (display: none !important;) elements.
Today I created a new custom field to a custom post. I needed to hide from the users who had the “movies” role. So I added the class “acf15” in the write movies – option of adminimize plugin.
After that, I logged in as a Movies role user. Then I do a right mouse click -> inspect element – uncheck the “display none” check box and the field show up again.
How boring is that?
Once again thank you, but this plugin is useless, with you need some security over the hide fields.
How to resolve this problem?
Thank you so much!
- The topic ‘Security issue’ is closed to new replies.