diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt
index 20d83971c..7e00e7963 100644
--- a/docs/changelog/7.x.x.txt
+++ b/docs/changelog/7.x.x.txt
@@ -17,6 +17,7 @@
  - fixed #11567: EMS: Build badge page, ticket tab, pagination
  - added: a new inbox setting which supresses friend rejection notices
  - fixed #11552: Visitors (and others) can bypass group-by-IP restrictions
+ - fixed #11572: visitors can enter editProfile
 
 7.9.4
  - We're shipping underscore.js now for its suite of extremely handy utility
diff --git a/lib/WebGUI/Operation/Profile.pm b/lib/WebGUI/Operation/Profile.pm
index 100154ded..5b1d808b4 100644
--- a/lib/WebGUI/Operation/Profile.pm
+++ b/lib/WebGUI/Operation/Profile.pm
@@ -185,6 +185,7 @@ A reference to the current session.
 
 sub www_editProfile {
 	my $session  = shift;
+    return $session->privilege->insufficient if $session->user->isVisitor;
     my $instance = WebGUI::Content::Account->createInstance($session,"profile");
     return $instance->displayContent($instance->callMethod("edit"));
 }