diff --git a/wp-admin/includes/class-wp-privacy-policy-content.php b/wp-admin/includes/class-wp-privacy-policy-content.php
index dd704bdecf..15d6518601 100644
--- a/wp-admin/includes/class-wp-privacy-policy-content.php
+++ b/wp-admin/includes/class-wp-privacy-policy-content.php
@@ -584,6 +584,9 @@ final class WP_Privacy_Policy_Content {
$strings[] = '
' . __( 'By default WordPress does not share any personal data with anyone.' ) . '
';
}
+ /* translators: Default privacy policy text. */
+ $strings[] = '' . $suggested_text . __( 'If you request a password reset, your IP address will be included in the reset email.' ) . '
';
+
/* translators: Default privacy policy heading. */
$strings[] = '' . __( 'How long we retain your data' ) . '
';
diff --git a/wp-includes/version.php b/wp-includes/version.php
index d80ceeafea..984cdc9922 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
*
* @global string $wp_version
*/
-$wp_version = '5.6-alpha-49254';
+$wp_version = '5.6-alpha-49255';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-login.php b/wp-login.php
index 143b3e1da0..7c33f9da32 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -432,9 +432,18 @@ function retrieve_password() {
$message .= sprintf( __( 'Site Name: %s' ), $site_name ) . "\r\n\r\n";
/* translators: %s: User login. */
$message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n";
- $message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n";
+ $message .= __( 'If this was a mistake, ignore this email and nothing will happen.' ) . "\r\n\r\n";
$message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
- $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . "\r\n";
+ $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . "\r\n\r\n";
+
+ $requestor_ip = $_SERVER['REMOTE_ADDR'];
+ if ( $requestor_ip ) {
+ $message .= sprintf(
+ /* translators: %s: IP address of password reset requestor. */
+ __( 'This password reset request originated from the IP address %s.' ),
+ $requestor_ip
+ ) . "\r\n";
+ }
/* translators: Password reset notification email subject. %s: Site title. */
$title = sprintf( __( '[%s] Password Reset' ), $site_name );