[wp-trac] [WordPress Trac] #49956: Spammers able to share unmoderated comments
WordPress Trac
noreply at wordpress.org
Sun Apr 19 20:58:33 UTC 2020
#49956: Spammers able to share unmoderated comments
--------------------------+-----------------------------
Reporter: jonkolbert | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 5.4
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Hello,
I am a volunteer contributor on Wikimedia projects, and we often see spam
from WordPress blogs running 5.4 that are using "unapproved" and
"moderation-hash" in the query string to effectively "unblock" their
comments for the purpose of spamming on other websites.
[http://pieriseltv.fr/?unapproved=35233&moderation-
hash=6b6e9e997f4ad00d447640218d5e34bb example here]
This should not be occuring, approved comments should be the only ones
that shown publicly and site admins/moderators should be the only ones
able to see unmoderated comments.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49956>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list