Skip to:

Opened 17 months ago

#8070 new defect (bug)

Missing 'edit_users' check in member_can_edit()

Reported by: Venutius Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.2.0
Component: Members Keywords:


There seems to be a missing check for edit_users capability in the member_can_edit function on line 329 of bussypress/bp-members/classes/class-bp-members-admin.php:

$retval = bp_current_user_can( 'bp_moderate' );

This could be changed to:

$retval = ( bp_current_user_can( 'bp_moderate' ) || current_user_can( 'edit_users' ) );

Change History (0)

Note: See TracTickets for help on using tickets.