Steps to reproduce:
<Include steps to reproduce the bug.>
— Go to account and change email
— No confirmation or notification are sent
PS: you can see the old email also in general, why make the field as password ?
Expected behavior:
<What you expected to happen?>
While it is expected to be able to change account email, if you get your password breached (which happens) then anyone can change the email, you don't get a notification on your old email that account email has changed. More than this you don't need to verify the new email address. Both are basic security measures.
You need to notify the user of account changes like these and ask for new email confirmation.