[Solved] Another security issue
I've had wpforo running on a website for 3 years now with no real issues. I've just had reported to me a problem with registering as a new member. I ran a test signup and the link in the email I receive to set the new member password resolves to resetting password access to the Wordpress admin for the site! Has my site been hacked and the forum software corrupted? I have two-factor authentication, so nobody has accessed the site itself but I need to know how to restore the correct files and prevent this happening again.
There is no any hacking issue. It just sends to Wordpress default reset password page.
You just need to Replace Reset Password Page URL to Forum Reset Password Page URL. The option is located in Dashboard > Forums > Settings > Features admin page.
OK! I wonder why I never noticed this before! Thanks. Done.