* added security condition to check that one logged-in user cannot activate another one user via email activation link;

* fixed double handler of email activation link (wp_die doesn't stop the script for some reason); * added redirects to login page with error notices instead of wp_die text;
2026-06-05 15:09:37 +09:00 · 2024-10-11 18:47:40 +03:00
parent 62cc39e2ef
commit 1cbbb70a03
4 changed files with 20 additions and 12 deletions
@@ -279,6 +279,8 @@ class Users {
 		 * @param {int}    $expiration Expiration timestamp. Since 2.8.7.
 		 */
 		do_action( 'um_after_user_hash_is_changed', $user_id, $hash, $expiration );
+
+		$this->remove_cache( $user_id ); // Don't remove this line. It's required removing cache duplicate for the force case when re-send activation email.
 	}

 	/**