[wp-trac] [WordPress Trac] #57639: Don't reveal and show admin email address in "changed email address" template to low permission user roles - Privacy issue

WordPress Trac noreply at wordpress.org
Mon Feb 6 11:44:32 UTC 2023


#57639: Don't reveal and show admin email address in "changed email address"
template to low permission user roles - Privacy issue
-------------------------+------------------------------
 Reporter:  ReneHermi    |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  Privacy      |     Version:  6.1.1
 Severity:  major        |  Resolution:
 Keywords:               |     Focuses:
-------------------------+------------------------------

Comment (by ReneHermi):

 I know, you know, but I claim the "administration email address" ''often''
 has an existing admin user account, because the average small website
 owner adds there the same email address that he uses for maintaining his
 website.

 I experienced this often on client websites and even on personal websites
 of mine.

 But you can put the security factor aside and take the privacy one.

 This was never an issue for me, as I had the assumption this mail address
 would be private.
 When I happened to notice that this email address is sent to all my
 subscribers who want to change their mailing address, this became a
 problem, because this email address was never intended for the public and
 there is no clear warning in the admin dashboard that the administrator
 email address is visible to other people.

 If we don't remove the mail address, we should at least mention that this
 mail address is not a private one and could be visible to subscribers.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/57639#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

