WP Update Triggered Password Email For All Users

  • Resolved graemetw

    (@graemetw)


    9 years, 3 months ago

    Hi guys

    Just upgraded to WordPress 4.3 and started to get emails from our membership customers right after.

    They all reported being sent TWICE, an email telling them their password was changed (when they did not).

    Here’s a copy of an email:

    —————————-
    From: WordPress <[email protected]>
    Date: Tue, Aug 18, 2015 at 9:08 PM
    Subject: [The Online Dog Trainer Video Membership Site] Notice of Password Change
    To: [email address removed]

    Hi [ name removed]

    This notice confirms that your password was changed on The Online Dog Trainer Video Membership Site.

    If you did not change your password, please contact the Site Administrator at
    [email address removed]

    This email has been sent to [email address removed]

    Regards,
    All at The Online Dog Trainer Video Membership Site
    https://www.theonlinedogtrainer.com/members
    —————————-

    We run a wp plugin for our membership called DAP and we run a WP Plugin called Simple:Press Forum, so we sync DAP with WP Users, so I know this is not coming from DAP, it’s WordPress.

    Any thoughts on what might have triggered this, or how to stop it when doing future upgrades would be really useful.

    Many thanks
    Graeme

Viewing 9 replies - 16 through 24 (of 24 total)

  • Hi Eric,

    We sent an email to all the DAP users earlier today.

    Thanks,
    Veena

    Thanks Veena!
    Your support is superb, as always.

    Hi Guys

    I’m seeing the same issue on one of my sites but we dont use the DAP plugin.

    Is there any more information we can get on what is causing the issue?

    Thanks

    Hello Guys,

    Yes I’m having the same issue aswell. We use Membermouse rather than DAP so does seem to be related to a core update change.

    I’ll do some digging and report back with what I can find.

    I am seeing the problem as well, with a custom external auth plugin, that gets the username/password from an external db and updates the user details every time they login.

    Seeing as the password is external to WP and can’t be changed from within WP, I can suppress the pw change email as per the temporary fix above, and that will be my permanent solution. It’s impossible for my plugin to know if the password is being changed or not, since changes to the password occur elsewhere.

    Something like this could be happening in Membermouse and other auth plugins.

    I am NOT using DAP, but I am having this problem.

    It’s only been since 4.3, but every time ANY change is saved in the User Profile, it sends a notification (incorrectly) about the password being updated.

    Any ideas about what is triggering this yet?

    My customers were getting emails about the email address changing as well. So now, I check to see if the externally obtained email address is different to the existing WP record, and only update the WP user record if it has changed.

    This problem has been quite hard to pin down and I’m still not certain that all those pesky emails have been suppressed. If someone does change their email address in the external system, the next time (could be a while later) that they login to WP they will get an update email. Still a bit annoying and I can’t see how that can be suppressed.

    donaldG2

    (@donaldg2)

    I’m experiencing this issue as well for a client of mine. Whenever she logs in to the site she gets sent a password reset notification. It appears to only be happening for her. The only plugin we had running that included the functions Otto mentioned was Infinite WP. I disabled the plugin but she’s still getting the emails. Any further thoughts on this?

    Happening to me too, no membership plugins. Nothing unusual on this site. Glad to know others are having the problem and it’s not hacking.

Viewing 9 replies - 16 through 24 (of 24 total)
  • The topic ‘WP Update Triggered Password Email For All Users’ is closed to new replies.