[buddypress-trac] [BuddyPress] #3714: Buddypress users can log in via wp-admin, view site details
buddypress-trac at lists.automattic.com
buddypress-trac at lists.automattic.com
Wed Oct 26 22:55:05 UTC 2011
#3714: Buddypress users can log in via wp-admin, view site details
--------------------------+-----------------------------
Reporter: justin mason | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Core | Version: 1.5
Severity: normal | Keywords:
--------------------------+-----------------------------
'''Issue:''' Buddypress users can log-in via both wp-admin panel and the
buddypress login widget/home page login.
If a normal (standard permissions) buddypress user logs in via wp-admin,
it logs them in and redirects them to the homepage.
'''Problem:''' By typing wp-admin back into the browser, a logged in user
can navigate back into the admin panel and view post count, user count,
wordpress version, and other interesting information. This is data that
the user does not need.
Can we remove permissions to access this data for normal buddypress users?
See attachment.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/3714>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list