Support » Fixing WordPress » sometimes find ‘pending’ posts in my blog admin

  • These are clearly spam, but i’m not sure how they’re getting in there. They always just show up as pending posts. I don’t have any other users allowed on my blog except me as the admin. Any thoughts on why these might be happening and how to prevent them? thanks.

Viewing 6 replies - 1 through 6 (of 6 total)
  • whooami



    Do you mean drafts???

    do you use xmlrpc to do any posting? If you dont and have that enabled, turn it off (its an option in the wp-admin area, somewhere).

    I was getting ready, btw, to ask about making sure you werent confusing posts with comments, but judging by your year *here*, you know the difference.

    You do right? Humor me please, I got burned on overestimating someone on the forums yesterday.

    No, they’re actually pending posts and i won’t see them in my drafts section. If i click on posts, sometimes i’ll see the ‘pending’ ones in there on the top. This only started fairly recently (maybe 6 months ago? after one of the newer upgrades), but it goes in spurts where I will get a few and then i won’t get them for a really long time.

    I deselected the XML-RPC and the atom publishing tool since i don’t do any remote publishing. Hopefully that helps!

    oh and yes, definitely know the difference between comments and posts. I’ve been using wordpress since 2005, but only ever come on the forums when i just can’t figure it out.

    thanks! 🙂




    well.. thats not all I was going to suggest. honestly, seeing pending posts when youre the only admin isnt a good thing. ever.

    turn on your raw log archiving if you dont have it on, you know, so your server logs are being saved…

    and if you do have those daily logs available, I would recommend going through and looking at all the POST requests.

    you will see lots for comments, lots for you logging in, and whatnot, and then the other .. its the other that youre interested in.

    take a look in your database, specifically the wp_users table, do you have a ‘wordpress’ user? any other users that arent listed in the normal wp-admin users area?

    I did not think this was a good thing because it seems like some sort of security breach.

    It appears i’m the only user showing up in that table.

    I do have my raw logs archived, but i can’t remember the last time this happened, so i can’t look in that date. I’ll definitely search through when/if it happens again. I hope it just magically stops, haha.

    If I might jump in … I assume they’re listed as written by you?

    One other thing: your sentence ready “I don’t have any other users allowed on my blog except me as the admin.”

    This could be read two ways:
    1 – You are the only user that is the admin (which implies other users, just with a lower status
    2 – You are the only user, and are the admin

    If the latter (which I am assuming), and if there is no other publishing process enabled (that is, XML-RPC and Atom Publishing are off), then consider changing your password.

    If the former, then if they are contributers, all their posts would get “pending” status.

    Also, you left a query a while back about posting directly via PHP:

    Could whatever you implemented be the security hole?

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘sometimes find ‘pending’ posts in my blog admin’ is closed to new replies.