• Resolved WPwebbouw

    (@wpwebbouw)


    I was testing a new WP Mail SMTP install for a client and after the test mail was working I performed a password reset to see if the mail was send in a real world scenario. Seeing the mail in WP Mail Logging I realized the reset password link was there readable and useable in the log, and also in the database. Does this pose a security issue?

Viewing 1 replies (of 1 total)
  • Hi @wpwebbouw,

    Thanks for reaching out!

    I wouldn’t consider this a security issue because the email is stored in the log and viewable in either WP Mail Logging or the DB. Whoever is viewing it would have to be an admin or have access to your DB.

    A security issue can only arise If someone breaks into the site (to see the log or the DB) and that’s outside the scope of the plugin but rather a general security issue with the site.

    I hope this helps with clarification.

    Thanks ??

Viewing 1 replies (of 1 total)
  • The topic ‘Is it safe?’ is closed to new replies.