[wp-trac] [WordPress Trac] #47718: Verification of new admin email address can be bypassed via options.php

WordPress Trac noreply at wordpress.org
Wed Jul 17 08:51:00 UTC 2019


#47718: Verification of new admin email address can be bypassed via options.php
--------------------------------+-----------------------------
 Reporter:  pixolin             |      Owner:  (none)
     Type:  defect (bug)        |     Status:  new
 Priority:  normal              |  Milestone:  Awaiting Review
Component:  Options, Meta APIs  |    Version:
 Severity:  normal              |   Keywords:
  Focuses:                      |
--------------------------------+-----------------------------
 If you want to change the admin email address for a single WordPress site
 (`wp-admin/options-general.php`), a confirmation is requested by sending a
 mail to the new mail address "to avoid the address being inadvertently set
 to an incorrect address" (#39118).

 If you change the mail address in `wp-admin/options.php` or use WP-CLI
 (`wp option update admin_email my@mail.com`), no email will be sent to the
 new address and no confirmation is required. The change is directly
 executed.

 While some users suggest using `options.php` to set a new admin email
 address as a workaround (e.g.
 https://www.timjensen.us/change-admin-email-without-confirmation/) and
 "bypassing verification may have benefits in certain situations"
 (https://twitter.com/earnjam/status/1151404147813605376), the
 **verification process seems to be flawed**.

 I ''don't'' see this as a ''security risk'', as only logged-in admins (or
 users with access to WP-CLI) can execute changes.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47718>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
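
An added example, not part of the ticket or of WordPress core: a must-use plugin that logs every `admin_email` change that did not arrive through the emailed confirmation link, which covers the `options.php` and WP-CLI paths the ticket describes. The function name, file placement and log format are assumptions made for the example.

```php
<?php
/**
 * Plugin Name: Admin email change audit (added example, not core code)
 *
 * Assumption: saved under wp-content/mu-plugins/ so it loads on every request,
 * including WP-CLI runs.
 */

// "update_option_{$option}" fires only after the stored value has changed.
add_action( 'update_option_admin_email', 'example_audit_admin_email_change', 10, 2 );

function example_audit_admin_email_change( $old_value, $new_value ) {
	// The confirmation flow keeps the pending address and its hash in the
	// 'adminhash' option and applies it when options.php?adminhash=<hash>
	// is requested from the link in the confirmation mail.
	$pending   = get_option( 'adminhash' );
	$supplied  = isset( $_GET['adminhash'] ) ? (string) wp_unslash( $_GET['adminhash'] ) : '';
	$confirmed = is_array( $pending )
		&& ! empty( $pending['hash'] )
		&& ! empty( $pending['newemail'] )
		&& '' !== $supplied
		&& hash_equals( $pending['hash'], $supplied )
		&& $pending['newemail'] === $new_value;

	if ( $confirmed ) {
		return; // Change went through the verified path; nothing to flag.
	}

	// Everything else is a direct write: options.php "All Settings",
	// `wp option update`, or another plugin calling update_option().
	$source = ( defined( 'WP_CLI' ) && WP_CLI ) ? 'wp-cli' : 'web';
	$user   = wp_get_current_user();

	error_log(
		sprintf(
			'[admin-email-audit] unconfirmed change old=%s new=%s source=%s user=%s',
			$old_value,
			$new_value,
			$source,
			$user->exists() ? $user->user_login : '(none)'
		)
	);
}
```

The entries go to whatever PHP's `error_log` is configured to write to, so they can be forwarded to existing log monitoring.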

