Privilege escalation issue

  • Resolved noplanman

    (@noplanman)


    3 years, 5 months ago

    Hi!

    When a user has both the Subscriber and Editor role, the privilege escalation protection kicks in and blocks the login.

    Is this intentional?!
    Or am I missing some obvious setting somewhere?

    When I forcibly remove the Subscriber and leave only the Editor, it works fine to log in.

    The user role plugin we’re using automatically adds the Subscriber role by default, so it’s a bit of a pain at the moment, as we always need to remove that role again explicitly after saving the user profile.

    Armando

Viewing 1 replies (of 1 total)
  • Plugin Author nintechnet

    (@nintechnet)

    3 years, 5 months ago

    I can’t reproduce the problem. Whether the user has Subscriber + Editor role or Editor + Subscriber role, it can log in and do whatever an editor can do.
    Can you paste here the full firewall’s notification (you can edit your IP and name)?

Viewing 1 replies (of 1 total)

The topic ‘Privilege escalation issue’ is closed to new replies.