plugin hacked? | ww.wp.xz.cn

Resolved danperis
(@danperis)

11 years, 4 months ago

Hi Josh,
thanks for your work.
Everyday spammers try to register in my forum.
If I try to register (with a new user name), your plugin works: I am not allowed to login, and the new user name is kept in the “pending status” till the admin approves the registration.
However, since about a week, some spammers hacked this process, and they get approval without my permission.
I am also using the “The Stop Spammer Registrations” Plugin which helps me monitoring how the spammers work: they firstly register with IP address “A”, then they try to login from “A”, then they even process the “activate/…” link (which is automatically sent by email) from an IP address “B”.
After that, they access the login page from an other IP address “C”.
What puzzles me is that I find the (spammer) user account among the approved ones, and not in the “pending” ones.
Any clues?
Many thanks

https://ww.wp.xz.cn/plugins/new-user-approve/

Viewing 1 replies (of 1 total)

Josh Harrison
(@picklewagon)

11 years, 3 months ago

I will need to research this. I’ll let you know what I find out.

Viewing 1 replies (of 1 total)

The topic ‘plugin hacked?’ is closed to new replies.

1 reply
2 participants
Last reply from: Josh Harrison
Last activity: 11 years, 3 months ago
Status: resolved