[wp-trac] [WordPress Trac] #50072: Users with email addresses containing a single quote cannot reset their passwords
WordPress Trac
noreply at wordpress.org
Wed Jul 16 08:56:09 UTC 2025
#50072: Users with email addresses containing a single quote cannot reset their
passwords
------------------------------------------+------------------------------
Reporter: daniele.perilli | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: 5.4
Severity: major | Resolution:
Keywords: needs-patch needs-unit-tests | Focuses:
------------------------------------------+------------------------------
Comment (by hbhalodia):
Hi @danieleperilli @SergeyBiryukov,
I have tested the scenarios outlined above but was unable to reproduce the
issue on WordPress version `6.8.1`.
Here are the detailed steps I followed:
1. Created a new user with the email `new'user.test at gmail.com`, ensuring
the email condition was met.
2. Navigated to the user’s profile and clicked the `Send Reset Link`
button.
3. The system displayed a confirmation that the reset link was sent
successfully.
4. Verified the email in MailHog, which contained the reset link with the
username and key as URL parameters.
5. Clicked the link, which correctly redirected to the “Enter New
Password” page. Upon submission, the password was successfully reset, and
I was able to log in using the new credentials.
6. Additionally, I tested the same scenario using the “Forgot Password”
workflow, which functioned as expected.
Based on these tests, I am unable to replicate the reported issue on
WordPress `6.8.1`.
Thank you.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50072#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list