[wp-trac] [WordPress Trac] #44157: the comments/[id] endpoints should have the same permissions checks as the comments endpoint
WordPress Trac
noreply at wordpress.org
Fri Nov 21 17:40:36 UTC 2025
#44157: the comments/[id] endpoints should have the same permissions checks as the
comments endpoint
-------------------------------------------------+-------------------------
Reporter: tharsheblows | Owner:
| adamsilverstein
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Future
| Release
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion has-patch has-unit- | Focuses:
tests |
-------------------------------------------------+-------------------------
Changes (by adamsilverstein):
* owner: (none) => adamsilverstein
* status: new => assigned
Comment:
Leaving this open to consider further tightening restrictions for the
single comment endpoint any custom comment type. Perhaps we can start with
a "doing_it_wrong" waring in 7.0, then completely block in 7.1?
Also, we should consider backporting this fix to the 6.9 branch
@peterwilsoncc.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44157#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list