Support » Plugin: Wordfence Security » Emails now contain HTML code

  • I’ve received four notices of Wordfence’s update to 5.3.5 so far.

    Each email has a significant amount of visible HTML, which they didn’t have before. Here’s an example – surely this isn’t intentional, is it?

    <p>This email was sent from your website ” —” by the Wordfence plugin at Sunday 18th of January 2015 at 10:15:09 PM</p>

    <p>The Wordfence administrative URL for this site is: http://—.com/wp/wp-admin/admin.php?page=Wordfence</p&gt;

    <p>Your Wordfence installation has been upgraded to version 5.3.5</p>

    <p>User IP: 127.0.0.1
    User hostname: localhost
    </p>

    etc.
    (site name redacted – it’s academic to the post)

    https://wordpress.org/plugins/wordfence/

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author Wordfence

    (@mmaunder)

    Hi,

    Yes we changed the email format slightly. But it should be interpreted by your mail reader.

    Please let us know which email reader you’re using or which free or paid email service provider you’re using.

    Thanks.

    I read email with the program that comes with my Mac OS X Yosemite – similar to the one that’s come with most Mac OS’s for years.

    I have the same issue. I’m working with Thunderbird

    I see it with browser based gmail too.

    <p>This email was sent from your website “—–” by the Wordfence plugin at Monday 19th of January 2015 at 06:14:45 AM</p>

    <p>The Wordfence administrative URL for this site is: http://—-/wp-admin/admin.php?page=Wordfence</p&gt;

    <p>A user with IP address 154.58.193.208 has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username ‘admin’ to try to sign in.</p>

    <p>User IP: 154.58.193.208
    </p>

    While I am on this subject. I try to report most of the login attempts to the source ISP. Sometimes they want time zone and destination IP information. I don’t suppose you could add that to the report so I could just cut and paste or forward the email?

    I am finding a great many of the IP addresses of my Bot attacks on one of my sites end up showing Air OS router login screens. I’m wondering if the embedded Linux on the Air OS routers is being exploited?

    I get the same thing on OSX Yosemite Mail.

    Below is a snippet with the domain names Xed out.
    ==================================
    <p>This email was sent from your website “xxxxxxxx.xxx” by the Wordfence plugin at Monday 19th of January 2015 at 09:48:32 AM</p>

    <p>The Wordfence administrative URL for this site is: http://xxxxxx.xxx/wp-admin/admin.php?page=Wordfence</p&gt;

    <p>Your Wordfence installation has been upgraded to version 5.3.5</p>

    <p>User IP: 127.0.0.1
    User hostname: localhost
    </p>
    =====================================

    For what it’s worth — I have the same problem with these emails on Outlook 2010 with an Exchange server at work.

    Same issue here, OS X 10.9.5, Mail 7.3.

    Minor issue, great plugin! Thanks!

    FYI, the HTML code is being shown in GMail. If GMail can’t interpret it, I think there is a problem.

    – Scott

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Emails now contain HTML code’ is closed to new replies.