Plugin sending OTP to unverified user

  • dkexception

    (@dkexception)


    5 months ago

    Hello, The plugin sends an OTP to unverified user.

    Steps to reproduce:
    1. Configure plugin to send user verification email.
    2. Enable email OTP based login.
    3. Create a new user but dont click on the confirmation email.
    4. Goto login page, and enter the same email which you used above.
    5. The plugin will send an OTP to the unverified email.
    6. If the OTP is entered an error message is displayed: Incorrect username/password

    Expected behavior:
    The plugin should not send an OTP to unverified email address.

Viewing 1 replies (of 1 total)
  • Plugin Support pickpluginswporgrep

    (@pickpluginswporgrep)

    Hi @dkexception,
    Thank you for informing us about this issue.
    The OTP and verification functionality work differently, so we are planning to add an extra option. By enabling or disabling these options, you will be able to control whether you want to send OTP for unverified users or not.

    Our team is currently working on this. I will reply to you here as soon as the update is published on WordPress.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.