diff --git a/app/controllers/tag_aliases_controller.rb b/app/controllers/tag_aliases_controller.rb
index 9bd339a2e..27957e3b3 100644
--- a/app/controllers/tag_aliases_controller.rb
+++ b/app/controllers/tag_aliases_controller.rb
@@ -15,7 +15,7 @@ class TagAliasesController < ApplicationController
 @tag_alias = TagAlias.find(params[:id])
 if @tag_alias.is_pending? && @tag_alias.editable_by?(CurrentUser.user)
- @tag_alias.update_attributes(params[:tag_alias])
+ @tag_alias.update_attributes(update_params)
 end
 respond_with(@tag_alias)
@@ -46,4 +46,10 @@ class TagAliasesController < ApplicationController
 @tag_alias.approve!(CurrentUser.user.id)
 respond_with(@tag_alias, :location => tag_alias_path(@tag_alias))
 end
+
+private
+
+ def update_params
+ params.require(:tag_alias).permit(:antecedent_name, :consequent_name, :forum_topic_id)
+ end
 end
diff --git a/app/controllers/tag_implications_controller.rb b/app/controllers/tag_implications_controller.rb
index a5cfafc68..a893b53db 100644
--- a/app/controllers/tag_implications_controller.rb
+++ b/app/controllers/tag_implications_controller.rb
@@ -15,7 +15,7 @@ class TagImplicationsController < ApplicationController
 @tag_implication = TagImplication.find(params[:id])
 if @tag_implication.is_pending? && @tag_implication.editable_by?(CurrentUser.user)
- @tag_implication.update_attributes(params[:tag_implication])
+ @tag_implication.update_attributes(update_params)
 end
 respond_with(@tag_implication)
@@ -51,4 +51,10 @@ class TagImplicationsController < ApplicationController
 @tag_implication.approve!(CurrentUser.user.id)
 respond_with(@tag_implication, :location => tag_implication_path(@tag_implication))
 end
+
+private
+
+ def update_params
+ params.require(:tag_implication).permit(:antecedent_name, :consequent_name, :forum_topic_id)
+ end
 end
diff --git a/app/models/tag_alias.rb b/app/models/tag_alias.rb
index fe869a97a..d7fa41245 100644
--- a/app/models/tag_alias.rb
+++ b/app/models/tag_alias.rb
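Review bot: In the `update` hunk of tag_aliases_controller.rb, a request that fails the `is_pending? && editable_by?(CurrentUser.user)` check is skipped silently and still reaches `respond_with(@tag_alias)`, so the client cannot tell a rejected edit from an accepted one and nothing marks the denial for logging or alerting. The switch to `update_params` does not touch this; consider an explicit `else` branch that returns a 403 or raises the application's access-denied error. The `update` hunk of tag_implications_controller.rb has the same shape. The start of `update` is outside the hunk, so an earlier filter may already handle part of this.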
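Review bot: `update_params` in tag_aliases_controller.rb leaves `:status` out of the permit list, and that omission is what stops an editor from changing the state of a pending alias through `update`, yet nothing in the method says so. A short comment such as `# :status is intentionally not permitted; state changes go through approve!` would keep a later edit from re-adding it. `params.require(:tag_alias)` also raises `ActionController::ParameterMissing` when the key is absent, where the old `params[:tag_alias]` simply passed `nil`, so confirm that this is rendered as a 400 rather than a 500. Both points apply to the matching `update_params` added in tag_implications_controller.rb.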
@@ -19,7 +19,8 @@ class TagAlias < ActiveRecord::Base
 belongs_to :creator, :class_name => "User"
 belongs_to :approver, :class_name => "User"
 belongs_to :forum_topic
- attr_accessible :antecedent_name, :consequent_name, :forum_topic_id, :status, :skip_secondary_validations
+ attr_accessible :antecedent_name, :consequent_name, :forum_topic_id, :skip_secondary_validations
+ attr_accessible :status, :as => [:admin]
 module SearchMethods
 def name_matches(name)
diff --git a/app/models/tag_implication.rb b/app/models/tag_implication.rb
index 82a0a2210..bf033b0e6 100644
--- a/app/models/tag_implication.rb
+++ b/app/models/tag_implication.rb
@@ -20,7 +20,8 @@ class TagImplication < ActiveRecord::Base
 validate :consequent_is_not_aliased
 validate :antecedent_and_consequent_are_different
 validate :wiki_pages_present, :on => :create
- attr_accessible :antecedent_name, :consequent_name, :descendant_names, :forum_topic_id, :status, :forum_topic, :skip_secondary_validations
+ attr_accessible :antecedent_name, :consequent_name, :forum_topic_id, :skip_secondary_validations
+ attr_accessible :status, :as => [:admin]
 module DescendantMethods
 extend ActiveSupport::Concern
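Review bot: Moving `:status` to `attr_accessible :status, :as => [:admin]` in tag_alias.rb means any mass-assignment of `status` made without `:as => :admin` is now filtered out, and nothing in this diff passes that role. If the model or a background job sets status through `update_attributes(:status => ...)` or `create(:status => ...)` (not visible here), that write would be dropped rather than raise unless the app sets `config.active_record.mass_assignment_sanitizer = :strict`; those call sites should be checked and moved to direct assignment or the admin role. `:skip_secondary_validations` also stays in the default role, so any caller that hands unfiltered params to this model can still bypass those validations, and only the controller permit list blocks it. The tag_implication.rb hunk makes the same change and additionally drops `:descendant_names` and `:forum_topic`, so the same check applies there.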