I Can Still Register User via Command Line | WordPress.org

itsfridaymoanin
(@itsfridaymoanin)

8 years, 1 month ago

I installed BWP-reCAPTCHA, the CAPTCHA shows up on the registration and effectively blocks users who incorrectly fill out the CAPTCHA. However, I am still able to register a user by sending a Post request with user_login, user_email, and submit values from the command line. This is precisely the scenario I’m trying to prevent.

Am I missing something?

https://wordpress.org/plugins/bwp-recaptcha/

Viewing 2 replies - 1 through 2 (of 2 total)

Thread Starter itsfridaymoanin
(@itsfridaymoanin)

8 years, 1 month ago
This CURL command will register a user, even when the plugin is activated and set up correctly:
```
$ curl --request POST 'http://www.example.com/wp-login.php?action=register' \
--data "user_login=register_test&user_email=test@example.com&wp-submit=Register"
```
Plugin Author Khang Minh
(@oddoneout)

8 years, 1 month ago

Hello, thank you for reporting the issue.

Does this happen for the login page as well or the registration page only?

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘I Can Still Register User via Command Line’ is closed to new replies.

In: Plugins
2 replies
2 participants
Last reply from: Khang Minh
Last activity: 8 years, 1 month ago
Status: not resolved