[wp-trac] [WordPress Trac] #49639: Add a filter on wp_insert_user function regarding $user_pass
WordPress Trac
noreply at wordpress.org
Tue May 11 20:13:55 UTC 2021
#49639: Add a filter on wp_insert_user function regarding $user_pass
------------------------------------------------+--------------------------
Reporter: stokim | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Users | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback 2nd-opinion | Focuses: privacy
------------------------------------------------+--------------------------
Changes (by tomjdevisser):
* keywords: needs-patch good-first-bug => has-patch dev-feedback 2nd-
opinion
* focuses: => privacy
Comment:
I added the filter and changed the name of the variable to
$pre_hash_password as I thought that would be a more descriptive name for
a hook.
I would like to know if this goes against any security protocols, as
**you're giving site and plugin developers access to a non hashed password
of users without permission**.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49639#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list