WordPress.org

Support

Support » Plugins and Hacks » Simple History » [Resolved] Wrong capability for settings menu

[Resolved] Wrong capability for settings menu

  • Hello,

    I noticed this plugins requires the capability edit_pages for access to its settings page. Is there any reason for this? Otherwise, all settings/options pages should require the capability manage_options because that’s what this capability is there for.

    Currently, non-admin users can easily mess with the plugin’s settings because they have the edit_pages capability. I think you might need to address this.

    http://wordpress.org/extend/plugins/simple-history/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Pär Thernström

    @eskapism

    thanks for finding and reporting this! i just updated the plugin to fix this.

    Hey, Pär. I just noticed that the History page under the Dashboard menu is also requiring the capability edit_pages. I suggest you change it as well; browsing the history and seeing who did what should be a task of admins only.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Resolved] Wrong capability for settings menu’ is closed to new replies.
Skip to toolbar