URGENT: Appointment+ sending emails to wrong clients

Hi -
Recently we found out from one of our customers that they are receiving and able to view email reminders that were supposed to be sent to other clients.

This is a major security issue for us. Can you please help us identify the root cause and fix this issue asap.

PS: I am providing developer access to so you can look at this immediately.

Thanks
Vamsi

  • Milan

    Hello @Vamsi Pulavarthi,

    I hope you are having a good day and thanks for the asking.

    Before I flag our valuable SLS( Second Line Support ) can you point me where to look for additiona info or include some email info which was sent to your user who was able to view other's schedule ? So that I can give my best try to solve this one. Also is it happening with all new user or some of them ?

    Looking forward to hearing back from you.

    Cheers,
    Milan Savaliya.

  • Milan

    Hello @Vamsi Pulavarthi,

    I hope you are having a good day and really sorry for being late here.

    It seems to me more likely issue with syncing mail account on apple phone. ? Because mail is not received when customer is logged in through PC but only on apple devices !!!, it surprises me as mail syncing should work same way on both devices, they just fetches mail information from the mail server and display it according to different flags( like "read, important, spam" etc etc )

    But its kind of complex to regenerate this issue with my sandbox site. And to be honest I've never heard about such issue before. I can see now you are using an older version of appointment+. Is problem popping up with the version you're using now ?

    Let me know further so that I can assist you further. :slight_smile:

    Cheers,
    Milan Savaliya.

  • Vamsi Pulavarthi

    Hi @Milan
    I have completely removed the client names from the email due to this issue. This severely limits our ability to use this plugin.

    This problem is hard to reproduce even on our side due to the type of issue.

    Can you confirm that you have tested your email functionality on a Apple Watch or Google Gear? If not, is there a way to ensure that the email is not visible on these devices?

    Thanks
    Vamsi

  • Milan

    Hello @Vamsi Pulavarthi,

    Hope you are having a great day. :slight_smile:

    Can you confirm that you have tested your email functionality on a Apple Watch or Google Gear? If not, is there a way to ensure that the email is not visible on these devices?

    Dear member mostly we test our plugin with latest wordpress and respective API which are used in plugin development.

    But this is kind of Syncing issue with other devices which never had a testing case while testing as syncing is not arena of plugin but its arena of respective devices. I am not sure but as far as I think it's the issue with device itself not with plugin. Because plugin directly interact with default wordpress mail API to send emails. However I've contacted our developer for this one will post his valuable view on this as soon as I got some reply from him. :slight_smile:

    Another thing you asked is

    Is there a way to ensure that the email is not visible on these devices?

    Not at all. As its completely depends on device configuration.

    I hope this helps you. I'll post our developer view on this soon. :slight_smile:

    Kind Regards,
    Milan Savaliya.

  • Ignacio

    Hi @Vamsi Pulavarthi

    It looks that everything is fine in Appointments+. If you get an email in an Apple Watch with a name, this email has to be exactly the same, for the same email, in a different device. In any device.

    If you're seeing the names fine in PCs, then Appointments+ is sending the right emails. I just tested the whole process and I cannot see any error on this. The code that sends the emails has not been changed for ages.

    I would say that there's maybe a misconfiguration in Apple Watch or similar.

    Regards.
    Ignacio.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.