[wp-trac] [WordPress Trac] #43856: Include submitter IP details in password reset emails?
WordPress Trac
noreply at wordpress.org
Sun Oct 18 09:43:35 UTC 2020
#43856: Include submitter IP details in password reset emails?
-------------------------------------------------+-------------------------
Reporter: cefiar | Owner: garrett-
| eclipse
Type: enhancement | Status: accepted
Priority: normal | Milestone: 5.6
Component: Privacy | Version: 4.9.6
Severity: minor | Resolution:
Keywords: has-patch has-screenshots has-copy- | Focuses: ui-copy
review |
-------------------------------------------------+-------------------------
Changes (by garrett-eclipse):
* keywords: has-patch needs-privacy-review has-screenshots has-copy-review
=> has-patch has-screenshots has-copy-review
* status: assigned => accepted
Comment:
Removing needs copy review as I feel I gave that initially. We're sending
the users own IP back to them, and if it's not their then it's a flag that
it's a potentially malicious action. As this is a improvement on the
security of the action I see that falling under section (f) 'Legitimate
Interests' of the GDPR.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43856#comment:23>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list