Bug #2628
closed
Spam User Changes Password
Added by Matt Gold almost 11 years ago.
Updated about 6 years ago.
Description
Hi Ray --
I received an email notification that a user marked as spam changed his/her/its password. How is that possible? My assumption was that users marked as spam would be locked out of the site. Please see attached screenshots, one of the notification email, the other of the member in the user list.
Files
Hi Matt,
Sorry for missing this issue.
Just tested this locally on a multisite install and I can duplicate your report. The good thing is spammers cannot login, so resetting the password is relatively harmless (albeit a little annoying for super admins!).
Let me know what you want to do to address this problem.
- Status changed from Assigned to Hold
- Priority name changed from High to Low
Hi Ray --
Okay, I'll put the ticket on hold, but can I suggest an upstream patch to WordPress? Happy to support the writing of such a patch on CUNY hours.
Awesome! thanks, Ray. Not sure it's worth the time, since this only happened once and I'm nipping most spam registrants in the bud soon after they register. If it becomes a nuisance, maybe we can move forward with a plugin.
- Status changed from Hold to Resolved
This was fixed upstream in WordPress v4.6.0.
Also available in: Atom
PDF