Home Forums WordPress Web Invoice – Invoicing and billing for WordPress Security Problem with Web Invoice — in confering access to non Admins

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • #3472

    Dear great one,

    I gave an editor access to web invoice and found out that he could in turn, now, give access to contributors, writers, etc…how can I prevent this, so that only I the admin can grant access to a specific status?

    This is a big security problem because someone can change the settings and send out invoices to their paypal account rather than that of my site…

    Am I confused…and not understanding how to use this plugin?


    Have you set the “Minimum User Level to Manage web-invoice” in “Web Invoice” -> “Settings” ? I’m unable to reproduce your issue.

    Make sure you are running latest version of Web Invoice (and not WP-Invoice).


    Yes I did, that is how I a granted the editor access. I just talked about this also under the issue of capability manager compatability. see mroe there

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.