• Resolved ssiddiqi1

    (@ssiddiqi1)


    I am using version 5.1.0.4 which claims to have fixed a vulnerability. I believe there are still security issues. My account was suspended by my host provider for sending spam emails. Upon investigation, it was evident that a hacker was exploiting the Custom Contact Forms plugin. I updated the plugin to version 5.1.0.4 a week ago and the incident happened on August 18, 2014. A serious vulnerability in the Custom Contact Forms

    Below is the snippet from the log file, which confirms that there are still security issues with this plugin.

    [18/Aug/2014:07:35:10 -0500] "POST /wp-content/plugins/custom-contact-forms/import/1408365293ccf.sql.php HTTP/1.1" 404 34536 "-" "Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20130101 Firefox/10.0"

    https://wordpress.org/plugins/custom-contact-forms/

Viewing 4 replies - 1 through 4 (of 4 total)
  • I have had two sites hacked. In the plugin page an ad for a different forms plugin appeared. All my forms and submitted entries had vanished.

    Also, a new user with administrator privileges was added. If your forms have disappeared make sure you check your users directory and look for any suspicious or unknown users.

    I have not yet found any other problems.

    Thread Starter ssiddiqi1

    (@ssiddiqi1)

    There was no user created, somehow using the custom contact form, the hacker was able to send thousands of emails /wp-content/plugins/custom-contact-forms/import/1408365293ccf.sql.php

    My Custom Contact Forms disappeared on 3 websites, and also a new User appeared on all 3 sites, named “wp-admin” with ID #666 and email test@yourdomain.com

    I recommend removing this plugin and switching to something else.
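The two indicators reported in this thread (POST requests to the plugin's import/ directory for a *.sql.php file, and an unexpected administrator account such as "wp-admin" with ID 666 and email test@yourdomain.com) can be checked for mechanically. The script below is an added example written for this page; it is not code from the thread, from the plugin, or from WordPress. It assumes web-server access logs in Combined Log Format with a leading client IP (the line quoted in the original post omits the IP), and assumes the site's user list has been exported into a list of dicts (for example from `wp user list` or a query against the users table). The sample log lines and user records are constructed; only the path, the "wp-admin"/666/test@yourdomain.com values and the timestamp come from the thread.

```python
import re

# Combined Log Format: ip ident user [timestamp] "METHOD path PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# Directory named in the thread; a *.sql.php file there is not something
# a legitimate visitor requests, so the path alone is the indicator.
IMPORT_DIR = "/wp-content/plugins/custom-contact-forms/import/"


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def find_suspicious_requests(lines):
    """Return parsed records for requests hitting *.sql.php under the import directory.

    A 404 is still reported: the attacker may have probed before the file was
    dropped, or the file may already have been removed, and the request itself
    is what you want to know about.
    """
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["path"].startswith(IMPORT_DIR) and rec["path"].endswith(".sql.php"):
            hits.append(rec)
    return hits


def find_suspicious_admins(users, expected_admin_logins):
    """Return administrator accounts whose login is not in the expected allowlist.

    Comparing against a known-good list catches an added account regardless of
    the name or ID the attacker chose; the values reported in the thread are
    just one instance.
    """
    expected = {login.lower() for login in expected_admin_logins}
    return [
        u for u in users
        if u["role"] == "administrator" and u["login"].lower() not in expected
    ]


# Constructed sample input (IPs from the TEST-NET documentation ranges).
SAMPLE_LOG = [
    '203.0.113.5 - - [18/Aug/2014:07:35:10 -0500] "POST '
    '/wp-content/plugins/custom-contact-forms/import/1408365293ccf.sql.php HTTP/1.1" '
    '404 34536 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [18/Aug/2014:07:36:02 -0500] "GET /wp-login.php HTTP/1.1" '
    '200 2140 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [18/Aug/2014:07:37:44 -0500] "POST '
    '/wp-content/plugins/custom-contact-forms/import/1408365400ccf.sql.php HTTP/1.1" '
    '200 0 "-" "Mozilla/5.0"',
]

# Constructed user export; the third record mirrors what the replies describe.
SAMPLE_USERS = [
    {"ID": 1, "login": "alice", "email": "alice@example.com", "role": "administrator"},
    {"ID": 2, "login": "bob", "email": "bob@example.com", "role": "editor"},
    {"ID": 666, "login": "wp-admin", "email": "test@yourdomain.com", "role": "administrator"},
]

if __name__ == "__main__":
    for rec in find_suspicious_requests(SAMPLE_LOG):
        print(f"{rec['ts']} {rec['ip']} {rec['method']} {rec['path']} -> {rec['status']}")
    for u in find_suspicious_admins(SAMPLE_USERS, ["alice"]):
        print(f"unexpected administrator: ID {u['ID']} login={u['login']} email={u['email']}")
```

Run it against the real access log (one line per list element) and the real user export; the allowlist passed to `find_suspicious_admins` should be the administrators you actually created. Any hit from either function on a site that was running the affected version is a reason to treat the install as compromised and rebuild from known-good sources rather than only deleting the flagged file or user.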

    Plugin Author Taylor Lovett

    (@tlovett1)

    This is no longer relevant with version 6.

  • The topic ‘A serious vulnerability in the Custom Contact Forms’ is closed to new replies.