Make WordPress Core

#52017 closed defect (bug) (invalid)

Customers getting reset password emails

Reported by: hoshigetsu Owned by:
Milestone: Priority: normal
Severity: major Version: 5.6
Component: Login and Registration Keywords:
Focuses: Cc:


It appears my customers have been getting reset password emails over the past month. I have security in place to prevent hackers and it does not appear that anyone logs in to change the customers passwords. I also do not see any suspicious logins from these accounts, and the passwords remain the same from the time they receive the emails (I have many of their passwords notated, and I am still able to login.)

I have notifications when someone attempts a password reset, and I do not get emails with these customers resetting their passwords.

This is happening to dozens of customers, with no explanation. No actual password resets, just emails saying they reset their password from WordPress.

Change History (2)

This ticket was mentioned in Slack in #core by lukecarbis. View the logs.

11 months ago

#2 @lukecarbis
11 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Hi @hoshigetsu, welcome to WordPress Trac! Thanks for the ticket.

I'm sorry to hear you are having issues with WordPress sending out unexpected reset password emails. We discussed this issue in today's triage session. Since it's not clear what the cause of the issue is, we thought you might get the best help if you try the support forums: https://wordpress.org/support/forums/.

Note: See TracTickets for help on using tickets.