[wp-trac] [WordPress Trac] #49956: Spammers able to share unmoderated comments

WordPress Trac noreply at wordpress.org
Sun Apr 19 20:58:33 UTC 2020


#49956: Spammers able to share unmoderated comments
--------------------------+-----------------------------
 Reporter:  jonkolbert    |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:  5.4
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 Hello,

 I am a volunteer contributor on Wikimedia projects, and we often see spam
 from WordPress blogs running 5.4 that are using "unapproved" and
 "moderation-hash" in the query string to effectively "unblock" their
 comments for the purpose of spamming on other websites.

 [http://pieriseltv.fr/?unapproved=35233&moderation-
 hash=6b6e9e997f4ad00d447640218d5e34bb example here]

 This should not be occuring, approved comments should be the only ones
 that shown publicly and site admins/moderators should be the only ones
 able to see unmoderated comments.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/49956>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list