search

bluehost / bluehost-wordpress-plugin

WordPress plugin that integrates your WordPress site with the Bluehost control panel, including performance, security, and update features.
GNU General Public License v2.0
28 stars 22 forks source link

Non-admin redirected to admin only area upon logging in #512

Closed Ollystorm closed 6 months ago

Ollystorm commented 1 year ago

Hi there, It seems that the plugin is causing a redirect to the bluehost admin page for all users upon login. This causes non admin users to be shown a screen saying they are not permitted on this page. This was seen on https://unswoc.org/wordpress/ but the plugin has now been disabled. This was an issue before the last major release (->3.x.x) but after that update the issue seemed to go away and was only noticed again now.

aulisius commented 1 year ago

Thanks for creating the issue!

I think #505 might have introduced this. @circlecube I think the redirect param in the filter here might need to be looked at. https://github.com/bluehost/bluehost-wordpress-plugin/blob/dba16e479ed00ae2dafc80c8ec136e89698e370c/inc/LoginRedirect.php#L52

aulisius commented 1 year ago

@Ollystorm Could you please provide the list of plugins/themes that are currently active on your site?

It feels like, your site might have a non-admin user with higher privileges than expected.

Ollystorm commented 1 year ago

Better Notifications for WP 1.9.3Code Snippets 3.4.0Eaasy Table of Contents 2.0.50Events Manager 6.4.1Events Manager Pro 3.2.2Events Manager Pro - PayPal 1.0Jetpack Boost 1.9.1PublishPress Capabilities 2.8.1Redirection 5.3.10Remember Me Controls 2.0.1s2Member Framework 230530 s2Member Pro 210526 Smash Balloon Instagram Feed 6.1.5Wordfence Security 7.10.0WP Crontrol 1.15.2WP Mail SMTP 3.8.0WP-Optimize - Clean, Compress, Cache 3.2.15WPCode Lite 2.0.12

On Fri, 23 Jun 2023 at 21:11, Faizaan @.***> wrote:

@Ollystorm https://github.com/Ollystorm Could you please provide the list of plugins/themes that are currently active on your site?

It feels like, your site might have a non-admin user with higher privileges than expected.

— Reply to this email directly, view it on GitHub https://github.com/bluehost/bluehost-wordpress-plugin/issues/512#issuecomment-1604127138, or unsubscribe https://github.com/notifications/unsubscribe-auth/AJ25NENIJARJ2XSFP4PFLMLXMV2ULANCNFSM6AAAAAAZRGEWJ4 . You are receiving this because you were mentioned.Message ID: @.***>

-- Oliver Nicholls

circlecube commented 6 months ago

Closing this as we have not been able to reproduce.