[wp-trac] [WordPress Trac] #43936: Settings: Warn when open registration and new user default is privileged
WordPress Trac
noreply at wordpress.org
Mon Jan 20 18:46:35 UTC 2020
#43936: Settings: Warn when open registration and new user default is privileged
-------------------------------------+-----------------------------
Reporter: kraftbj | Owner: SergeyBiryukov
Type: defect (bug) | Status: reviewing
Priority: normal | Milestone: 5.4
Component: Users | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-refresh | Focuses: administration
-------------------------------------+-----------------------------
Comment (by eatingrules):
I'd like to add another vote here to not allow new user default roles to
be Editor or Administrator if "Anyone can register" is enabled.
We had a client this morning discover that all new accounts her site were
being created as Administrators... She became aware of it only once a
customer pointed out to her that she had been granted Admin access after
she purchased. We have no idea when/how/why the default setting changed
to Administrator (thankfully, at this point haven't found any evidence of
other malicious behavior).
Thanks!
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43936#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list