Log when a site's email address is changed in wp-admin/options.php

[arinoch]

What

We should be logging as often as possible, and we do not log when a site's email address is modified from wp-admin/options.php. I'd like us to consider adding logging for this action.

Why

Specific features will use the blog admin email address as a fallback if the owner email address is unavailable, and it is possible to silently set this address to an address belonging to an unwitting third party. For context: p1715771406974199/1715767859.100399-slack-CDJ9Z349W

How

No response

[mrfoxtalbot]

I know that @Automattic/explorers have been done some work towards syncing user information between dotcom and local (AT) sites.

Is this something that could be fixed by Explorers?

[allilevine]

I know that @Automattic/explorers have been done some work towards syncing user information between dotcom and local (AT) sites.

Is this something that could be fixed by Explorers?

We have! This is somewhat related to Untangling since we're working in wp-admin, so I added it to the board.

How and why do users access this page?

[arinoch]

How and why do users access this page?

The most common reason I see as an HE is for WooCommerce notifications. They send email to the admin email of the site, and users often want to redirect that to a different address. You can't change it in WooCommerce, so we often have them change it on this page.

In this specific case, however, it was Happiness needing to access this page for a user's site. Your context for that is in this internal thread. p1715771406974199/1715767859.100399-slack-CDJ9Z349W