Flawed or intentional

  • I am using Secure invites with BuddyPress. I want to have a system where a user can invite only 10 members. With the settings it all works fine.

    However, I have just found out that a user may bypass this security check which limits his number of invites by:

    1) Invite 10 people
    2) Delete his account with BuddyPress
    3) Click on his invitation email and re- register
    4) Start from step 1.

    Is this a flawed feature or am I getting something wrong?

    If it flawed, I request the plugin developers to ensure that the registration link to expire after registration.

    https://www.ads-software.com/plugins/wordpress-mu-secure-invites/

Viewing 1 replies (of 1 total)
  • Plugin Author Chris Taylor

    (@mrwiblog)

    Thanks for raising this. It’s not intentional, and I’ll look into fixing this in a future version of the plugin.

Viewing 1 replies (of 1 total)
  • The topic ‘Flawed or intentional’ is closed to new replies.

Tags