Skip to:
Content
Pages
Categories
Search
Top
Bottom

Users (spammers) can send private message with unactivated account


  • ajaxthemestudios
    Participant

    @ajaxthemestudios

    Hi

    I discovered that users (spammers in this case) can send private messages and spam other users even though their accounts are yet to be activated by WordPress.
    Is this how Buddypress is designed or is this a bug?

    Regards

Viewing 3 replies - 1 through 3 (of 3 total)

  • Varun Dubey
    Participant

    @vapvarun

    @ajaxthemestudios

    User will not able to log in and if they will try to log in, they will get the following message.

    ERROR: Your account has not been activated. Check your email for the activation link.

    For spammers:

    ERROR: Your account has been marked as a spammer.


    Paul Gibbs
    Keymaster

    @djpaul

    If you can find if this is actually happening and how to recreate it step-by-step, we’re of course more than happy to fix it.


    ajaxthemestudios
    Participant

    @ajaxthemestudios

    Hi

    This is how it happened. We got an email from registered members that they are being spam. Another member was sending them SPAM messages.
    The mail sent to them contained the name of the member so we searched for it. We also got the spammer’s account username and link by checking the affected members messages directly under their profile page on the frontend. The spammer has a profile page already. However, the username could not be found in the users section of the backend.
    Then we checked users that have not activated their account or received the activation email through a plugin named Unconfirmed.
    That was when we found the spammer info meaning the spammer has not activated his/her account yet but is already interacting with the community.
    That I cannot explain why it happened. It seems even though the user has not activated his/her account, he/she is already recognized by buddypress.

    Regards

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.
Skip to toolbar