[wp-trac] [WordPress Trac] #11383: $debug should be set to false for non-admin users

WordPress Trac wp-trac at lists.automattic.com
Thu Dec 10 13:10:15 UTC 2009


#11383: $debug should be set to false for non-admin users
-------------------------------+--------------------------------------------
 Reporter:  Denis-de-Bernardy  |       Owner:  ryan
     Type:  defect (bug)       |      Status:  new 
 Priority:  normal             |   Milestone:  2.9 
Component:  Security           |     Version:  2.9 
 Severity:  major              |    Keywords:      
-------------------------------+--------------------------------------------
 A non-admin user should not be allowed to see the list of queries run on a
 WP site by simply adding ?debug=1 to the url.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11383>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list