[wp-trac] [WordPress Trac] #52169: REST API - User route security issue
WordPress Trac
noreply at wordpress.org
Thu Dec 24 06:02:48 UTC 2020
#52169: REST API - User route security issue
--------------------------+------------------------------
Reporter: rajanit2000 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.6
Severity: normal | Resolution:
Keywords: | Focuses: rest-api
--------------------------+------------------------------
Comment (by oglekler):
Hi! Profiles Rosetta sites (WP.org) users are public and searchable. So,
it is no point to hide them from API. In case of personal or company site
it can be done but it not supposed to be a very useful measure on a big
scale.
For tickets related to these sites is separate Trac:
https://meta.trac.wordpress.org/
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52169#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list