Jetpack by WordPress.com
Spammy screenshot generated in Jetpack comments (3 posts)

  1. Michael
    Posted 3 years ago #

    Have the cached images from the "mshot" service on WordPress.com been compromised in any way? In my test site, I activated Jetpack Comments and added a comment, using my Twitter login. In the Comments list in the admin interface of test site, I immediately noticed that the email link was my Twitter handle @twitter.example.com, which was odd, but not a big deal. (Likely not relevant to this problem.)

    However, when I hovered over the author comment URL, a div with the class "mshot-container" displayed with a screenshot that was not of my Twitter account, but of a Polish spam site with a photo of a woman in a white bikini selling some fat burner product.


    I tried to test with another Twitter user, but the "mshot" preview never generated.


  2. Tim Moore
    Plugin Contributor

    Posted 3 years ago #

    The @twitter.example.com email address is expected when using Twitter. Twitter does not share user email addresses to third parties and the WordPress commenting system requires an email address, so we needed to put some relevant information in there with the other comment data.

    As far as the spammy mshot, could you send this information to our support team and include the Twitter handle this occurred with and the URL, if possible, of the page where the comment was left. Thanks!

    Support team contact: http://en.support.wordpress.com/contact/?jetpack=needs-service

  3. Michael
    Posted 3 years ago #


    I submitted the information about the spammy mshot to the Jetpack support team via the form URL you provided. Thanks.


Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Jetpack by WordPress.com
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic