Prerequisites
Description
Steps to reproduce
- Install and activate Elementor and Classic Editor.
- Create two users with 'contributor' role.
- Have admin and contributors make a draft and pending posts with classic editor. (3 users x 2 posts = 6 total posts)
- Login in with one of the contributors accounts.
- Visit the 'Posts' page. Click 'edit' for draft/pending posts from the other two users.
- The user can view the content of pending/draft posts from other users.
Expected behavior:
User should not be able to view the content of pending/draft post for other users when they click on 'edit'.
Isolating the problem
Environment
System Info
```
== Server Environment ==
Operating System: Linux
Software: nginx/1.14.0
MySQL version: MySQL Community Server (GPL) v5.7.23
PHP Version: 7.2.9
PHP Max Input Vars: 4000
PHP Max Post Size: 1000M
GD Installed: Yes
ZIP Installed: Yes
Write Permissions: All right
Elementor Library: Connected
== WordPress Environment ==
Version: 5.2.2
Site URL: http://foo.local
Home URL: http://foo.local
WP Multisite: No
Max Upload Size: 300 MB
Memory limit: 256M
Permalink Structure: /%postname%/
Language: en-US
Timezone: 0
Debug Mode: Inactive
== Theme ==
Name: Twenty Nineteen
Version: 1.4
Author: the WordPress team
Child Theme: No
== User ==
Role: administrator
WP Profile lang: en_US
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Safari/605.1.15
== Active Plugins ==
Classic Editor
Version: 1.5
Author: WordPress Contributors
Elementor
Version: 2.6.6
Author: Elementor.com
== Log ==
:
Prerequisites
Description
Steps to reproduce
Expected behavior:
User should not be able to view the content of pending/draft post for other users when they click on 'edit'.
Isolating the problem
Environment
System Info
```== Server Environment ==
Operating System: Linux
Software: nginx/1.14.0
MySQL version: MySQL Community Server (GPL) v5.7.23
PHP Version: 7.2.9
PHP Max Input Vars: 4000
PHP Max Post Size: 1000M
GD Installed: Yes
ZIP Installed: Yes
Write Permissions: All right
Elementor Library: Connected
== WordPress Environment ==
Version: 5.2.2
Site URL: http://foo.local
Home URL: http://foo.local
WP Multisite: No
Max Upload Size: 300 MB
Memory limit: 256M
Permalink Structure: /%postname%/
Language: en-US
Timezone: 0
Debug Mode: Inactive
== Theme ==
Name: Twenty Nineteen
Version: 1.4
Author: the WordPress team
Child Theme: No
== User ==
Role: administrator
WP Profile lang: en_US
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Safari/605.1.15
== Active Plugins ==
Classic Editor
Version: 1.5
Author: WordPress Contributors
== Log ==
: