Log when a site's email address is changed in wp-admin/options.php #90740
Labels
[Feature Group] Site Settings & Tools
Settings and tools for managing and configuring your site.
[Feature] Site Settings
All other general site settings.
[Pri] High
[Product] WordPress.com
All features accessible on and related to WordPress.com.
[Type] Feature Request
Feature requests
What
We should be logging as often as possible, and we do not log when a site's email address is modified from wp-admin/options.php. I'd like us to consider adding logging for this action.
Why
Specific features will use the blog admin email address as a fallback if the owner email address is unavailable, and it is possible to silently set this address to an address belonging to an unwitting third party. For context: p1715771406974199/1715767859.100399-slack-CDJ9Z349W
How
No response
The text was updated successfully, but these errors were encountered: