Membership Plugin

WordPress Membership Plugin

  • Home
  • Documentation
  • Addons
  • Support
    • Quick Setup
    • Documentation
    • Premium Addon Support
    • Paid Support
    • Support Forum
    • Support Forum Search
    • Forum Login
    • Forum Registration
  • Contact
You are here: Home

LeicesterChris

  • Profile
  • Topics Started
  • Replies Created
  • Engagements
  • Favorites

Forum Replies Created

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • March 21, 2025 at 10:36 am in reply to: Password reset being sent to wrong address #30040
    LeicesterChris
    Participant

    I can’t do that, unfortunately. If I repeat the action, our already annoyed member will get spammed with a reset password email yet again, and she’s pretty fed up already. She could even report us for breaching GDPR rules.

    Simply entering *any* email address in the box sends an email to her address, and also exposes her email address to anyone else who clicks “Forgot Password”, as it comes up and says “New password has been sent to xxx” where xxx is her email address.

    As a temporary measure I’ve edited the page so that instead of bringing up the [swpm_reset_form] it just asks the person to email me so I can reset their password manually.

    March 20, 2025 at 8:09 am in reply to: Password reset being sent to wrong address #30031
    LeicesterChris
    Participant

    Thanks very much for your reply. The membership tables are correct, and indeed when I click on “Forgot Password”, it doesn’t matter what email address I put in, it sends an email to the j**** address. That person is a genuine member, whom I emailed to see if she was getting a lot of spam and she confirmed that she’s been getting ALL password requests. I can’t do the test again, because it will send out spam to this person so I need to understand where and how this particular email address got embedded into the reset password form. Since memberships are due for renewal this month, a LOT of people have clicked “Forgot Password”, which means this particular member’s email address is then visible to all of them – which is in contravention of GDPR.

    I was hoping there was a way I (or someone more technically capable than I) could peer “under the hood” to see the code that presumably must be incorporating this person’s email address.

    October 15, 2022 at 11:26 am in reply to: Logout link not working swpm-logout=true #24606
    LeicesterChris
    Participant

    Just to give some further background – since it was impossible to log out, I added a redirection link after logout to take me to the login URL. That did allow me to log in as a different user, and the profile showed correctly. The fact it redirected implied that the system did think I’d logged out.

    However, on the login page, if instead of logging in again I just went to the membership page – it still showed me as logged in as the OTHER user! This seems like a big security hole. It seems I can temporarily log in as a different user, but somewhere in the system the old user is still marked as being active.

    I really hope there’s a workround for this, as the functionality otherwise is just what I want – but it really is essential for users to be able to log out.

    October 15, 2022 at 11:06 am in reply to: Logout link not working swpm-logout=true #24605
    LeicesterChris
    Participant

    I’m having exactly the same problem, and even clearing cookies doesn’t work. Opening in an incognito doesn’t work. Same problem in both Chrome and Edge. Once I’m logged in, that’s it – it’s impossible to log out.

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)
Next Page »

Please read this message before using our plugin.

Search

Featured Addons and Extensions

  • Membership Form Builder Addon
  • Member Directory Listing Addon
  • WooCommerce Payment Integration
  • Member Data Exporter Addon

Documentation

  • Documentation Index Page

Copyright © 2026 | Simple Membership Plugin | Privacy Policy