Just looking for some guidance and thoughts. A customer of ours has started getting bombarded with registration and password reset emails from 100’s of different WordPress websites. What appears to me to be common is that all the websites have a domain/my-account page that simply asks for an email address to register. Example: https://studiowisedesign.com/my-account or https://threewrensgin.com/my-account. This then generates an “Account has been generated” and a follow-up “Password Reset Request” email. Are they simply poorly designed websites allowing “automated” registration by a malicious third party and what can be done to stop it. There seems to be nothing I can do from the recipients end.

Much appreciated.

Jacques

The returning email is always from email.imailfree.cc

Is this spam? Cause I’m starting to think it is and how do I stop it? I’m still so new to blogging and wordpress I don’t know where to resolve this. My Gmail is being blown up by all these “new user registrations”.

Or is this people trying to subscribe to my blog? I really have no idea.

Any help or insight would be great.

The password ones are sending with no issues, but the registrations ones are still sending the default wordpress ones. I have tried deactivating and reactiving the plugin, with no success.

We use WP Mail SMTP with Amazon for sending all our emails, and like I said, the user still gets an email, but it is that plain wordpress one.

Any ideas why it isn’t working?

WP User Manager 2.3.2
Wordpress 5.2.5

I am working on localhost. I am using buddypress plugin.I am trying to register an user and i can see the message saying the email is sent .But , when i check the email inbox , there is no mail in inbox or spam or anywhere else.Whereas, I can send a test email for the same email id and i can see it in inbox.

Please help.

Thanks

I presume this is a bug? Can you ensure that the email actually uses the custom text entered in this field.

Alex

We are just starting a new WP site. As admin I created a new user, role: editor, and both he, the new editor, and I got the new user email. However, if just a regular user comes along and registers, I get the email but they do not. Here is the email I got:

New user registration on your site Aged Warrior:
Username: riverwaif
Email: noc@***
Display Name Publicly As: riverwaif

This was me from another computer (trying for the second time today) playing new user and I used one of my other email addresses. It’s going to be a simple site, the editor is the owner. He tried to have his wife sign on earlier today and she did not receive a new email either. As admin I didn’t even get that email as I did when I played new user and got the two I tried.

WP is, however, emailing me regularly. When I log on, my thunderbird immediately chimes with new logon alert so I know email is working. Wordfence has no problem emailing me. WP is emailing me. Just not to new users.

All new users are role: subscriber. It is they that don’t get a new user email with the reset password and login URL.

I see from a google search that this was a problem many versions ago. I haven’t found any recent instances either here in the forum or out on google.

Any suggestions would be appreciated.

list of plugins:
Better WordPress reCAPTCHA
Deactivate | Edit | Settings
Version 2.0.3 | By Khang Minh | View details

Captcha by BestWebSoft
Settings | Deactivate | Edit
Version 4.1.9 | By BestWebSoft | View details | Settings | FAQ | Support

Contact Form 7
Settings | Deactivate | Edit
Version 4.4.1 | By Takayuki Miyoshi | View details

Custom Meta Widget
Deactivate | Edit
Version 1.4.7 | By bitacre | View details

Limit Attempts by BestWebSoft
Settings | Deactivate | Edit
Version 1.1.3 | By BestWebSoft | View details | Settings | FAQ | Support

Styleguide – Custom Fonts and Colours
Deactivate | Edit
Version 1.5 | By BinaryMoon | View details

TinyMCE Advanced
Deactivate | Edit
Version 4.2.8 | By Andrew Ozz | View details

Wordfence Security
Deactivate | Edit
Version 6.0.25 | By Wordfence | View details

WP-SpamShield
Settings | Deactivate
Version 1.9.7.7 | By Scott Allen | View details | Documentation | Support | Donate

I was assisting a user with trying to figure out why the email notification links were resulting in 404 errors. I checked your plugin code and noticed that you are hard coding the table names. More importantly you are assuming that someone has not changed their WP Table prefix and are using the default wp_ DB table prefix.

This is very simple to correct.

function wev_install(){
		global $wpdb, $wp_version;

		if($wpdb->get_var("show tables like '".wev_temp_user. "'") != wev_temp_user){
		$sSql = "CREATE TABLE IF NOT EXISTS <code>&quot;. wev_temp_user. &quot;</code> (";
		$sSql = $sSql . "<code>user_id</code> INT NOT NULL AUTO_INCREMENT ,";
		$sSql = $sSql . "<code>user_name</code> TEXT NOT NULL,";
		$sSql = $sSql . "<code>user_pass</code> TEXT NOT NULL,";
		$sSql = $sSql . "<code>user_email</code> TEXT NOT NULL,";
		$sSql = $sSql . "<code>confirm_code</code> TEXT NOT NULL,";
		$sSql = $sSql . "PRIMARY KEY (<code>user_id</code>)";
		$sSql = $sSql . ")";
		$wpdb->query($sSql);
	}
	}

Example of how to use the WordPress DB table prefix object and other things.

$example_table_name = $wpdb->prefix . "example_table_name";

	if ( $wpdb->get_var( $wpdb->prepare( "SHOW TABLES LIKE %s", $example_table_name ) ) != $example_table_name ) {	

	$sql = "CREATE TABLE $example_table_name (
  id bigint(20) NOT NULL AUTO_INCREMENT,
  status VARCHAR(60) DEFAULT '' NOT NULL,
  user_id VARCHAR(60) DEFAULT '' NOT NULL,
  username VARCHAR(60) DEFAULT '' NOT NULL,
  public_name VARCHAR(250) DEFAULT '' NOT NULL,
  email VARCHAR(100) DEFAULT '' NOT NULL,
  role VARCHAR(15) DEFAULT '' NOT NULL,
  human_time datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
  login_time VARCHAR(10) DEFAULT '' NOT NULL,
  lockout_time VARCHAR(10) DEFAULT '' NOT NULL,
  failed_logins VARCHAR(2) DEFAULT '' NOT NULL,
  ip_address VARCHAR(45) DEFAULT '' NOT NULL,
  hostname VARCHAR(60) DEFAULT '' NOT NULL,
  request_uri VARCHAR(255) DEFAULT '' NOT NULL,
  UNIQUE KEY id (id)
    );";

	require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
	dbDelta($sql);
	}

https://www.ads-software.com/plugins/woocommerce-email-verification/

I tried searching for this but I kept coming back to posts 6 or 7 years ago. I also looked in the 3.6 master list and was not listed. I did follow the instructions on disabling all plug-ins, re-installing the 3.6, changing theme, etc. and non of this worked. I tested this on a clean install of WP 3.6 on another domain that I have and exact same results.

It’s actually pretty odd. I get my admin emails just fine, including updates from when I post because I have subscribe2 installed. I usually get those right away.

I was doing some work in my forum today and tried to register a new user and the email never made it to the email account. I tried two other accounts, all 3 are yahoo. One got the email, and (so far) the other two have not.

I am at a loss to explain why one yahoo account would get the email just fine, while two others would not. I haven’t tested with other email services yet.

edit–I tried an aol account and it received, but went to the spam folder
edit2–MSN live did the same. It got the email right away but it went into the junk folder.