WordPress.org

Ready to get started?Download WordPress

Forums

Contact Form 7
[resolved] Contact Form 7 - Used to send spam (6 posts)

  1. hotconductor
    Member
    Posted 1 year ago #

    It was my understanding that CF7 could be used only as inbound mail. IE: someone on the site fills out the form, it goes to my designated email. However, I have gotten back a massive log from my host (hostgator) which clearly shows that CF7 on one of my sites is being exploited to send OUTBOUND mail. So my sites have all been flagged for spam, despite the fact that all are local personal businesses. Any thoughts on how to secure this?

    http://wordpress.org/extend/plugins/contact-form-7/

  2. esmi
    Forum Moderator
    Posted 1 year ago #

  3. hotconductor
    Member
    Posted 1 year ago #

    Actually I apologize... The only site where there seems to be a problem is the only site where Visual Form Builder Pro is used as the contact form. All sites with CF7 are fine n dandy. No log issues.

    I do not believe the site has been hacked, but I definitely think there is a big hole in VFBP!

  4. esmi
    Forum Moderator
    Posted 1 year ago #

    I can only suggest that you try to contact the developers of VFBP asap.

  5. hotconductor
    Member
    Posted 1 year ago #

    Already have. And have switched out that plugin while they bug hunt.

  6. esmi
    Forum Moderator
    Posted 1 year ago #

    I'd actually suggest that you uninstall it for now. An insecure, inactive, plugin can still, theoretically, pose a security issue.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic