Posted 2 years ago #
I'm having an issue with random users getting logged in with the admin account after connecting their facebook. The first time it happened it was with my dad, I assumed it was a fluke because we had the same last name. It has happened again with a completely random person who connected with Facebook and was logged in as admin.
Has anyone else experienced this issue?
Posted 2 years ago #
Yes, mine too.
Posted 2 years ago #
Yes, had this today,
I'd REALLY like to see them use fb UID as the username, not their first name and a number.
This is huge security risk!
Posted 2 years ago #
Doesn't appear the author is interested in fixing this issue or updating the plugin. Disappointed...I'll have to find another solution
Posted 2 years ago #
I am having the same issue!! This is a great plugin besides for this bug? Can we put our heads together and come up with a fix?
Posted 1 year ago #
Same here
Posted 1 year ago #
I'm nervous because I've been doing a lot of work with this plugin and haven't been able to reproduce this issue yet.
Can anyone provide any details on what kind of users get registered as admins? Is it truly random or do they always have something in common with an admin user?
Posted 1 year ago #
It seems that as a new user connecting via Facebook you can delete posts etc - as admins - try connecting with a new FB account and you will see the issue.
Posted 1 year ago #
I have a fix for this.
In functions.php of the plugin replace line 215 by this one.
update_user_meta( $new_user, 'fb_uid', $new_user->id );
Then it should work like is supposed to
Posted 1 year ago #
Anyone try the above fix?
Results?
Posted 1 year ago #
I just tried that and it didn't work
This topic has been closed to new replies.
