Title: Exploitable bug with drafts!
Last modified: September 1, 2016

---

# Exploitable bug with drafts!

 *  Resolved [imielsen](https://wordpress.org/support/users/imielsen/)
 * (@imielsen)
 * [9 years, 10 months ago](https://wordpress.org/support/topic/exploitable-bug-with-drafts/)
 * Hi,
 * As far as I can tell, there is a bug. (or perhaps of course there is something
   I have misunderstood) 🙂
 * I have tested this with a user I created on my site. I have journalists create
   posts on the front-end of my site. I have enabled the posts to become ‘pending’
   when they create a post.
    However when a user creates a draft (with the ‘save
   as draft’ enabled) and then edits the post (with ‘edit post’ enabled) The draft-
   post becomes automatically published, without any authorization from admins.
 * This must be some kind of bug. Or do you know how I can surpass this issue?
 * Both the ‘save as draft’ and ‘edit posts’ are pretty much necessities for my 
   journalists when creating posts for the site.
 * [https://wordpress.org/plugins/wp-user-frontend/](https://wordpress.org/plugins/wp-user-frontend/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [weDevs](https://wordpress.org/support/users/wedevs/)
 * (@wedevs)
 * [9 years, 10 months ago](https://wordpress.org/support/topic/exploitable-bug-with-drafts/#post-7569821)
 * Navigate to the form -> Edit Settings -> then set the settings for “Set Post 
   Status to” option. This status will work when the user edits the posts.

Viewing 1 replies (of 1 total)

The topic ‘Exploitable bug with drafts!’ is closed to new replies.

 * ![](https://ps.w.org/wp-user-frontend/assets/icon-256x256.gif?rev=2818776)
 * [User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration](https://wordpress.org/plugins/wp-user-frontend/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-user-frontend/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-user-frontend/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-user-frontend/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-user-frontend/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-user-frontend/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [weDevs](https://wordpress.org/support/users/wedevs/)
 * Last activity: [9 years, 10 months ago](https://wordpress.org/support/topic/exploitable-bug-with-drafts/#post-7569821)
 * Status: resolved