WordPress.org

Ready to get started?Download WordPress

Forums

Fast Secure Contact Form
[resolved] Possible email injection attempt on 3.1.7 (6 posts)

  1. Swanage
    Member
    Posted 1 year ago #

    Hello,

    I have updated to fscontact form 3.1.7 and am getting the message
    "illegal characters in POST. Possible email injection attempt" when submitting an email. This only seems to happen on messages where enter has been pressed to create new lines in the text field. On single line messages it was not happening.

    I have reinstalled 3.1.6.3 and it is working fine again.

    Thanks.

    http://wordpress.org/extend/plugins/si-contact-form/

  2. Mike Challis
    Member
    Plugin Author

    Posted 1 year ago #

    Thanks for reporting. Will be fixed right away

    Mike

  3. Swanage
    Member
    Posted 1 year ago #

    Brilliant, thanks very much.

  4. Mike Challis
    Member
    Plugin Author

    Posted 1 year ago #

    Version 3.1.7.1 or greater should fix it

    = 3.1.7.1 =
    - (18 Jan 2013) - fix a few critical errors such as "illegal characters in POST", Notice: Undefined index si-contact-form.php on line 1016, and users cannot send the form a 2nd time.

  5. SharmTouring
    Member
    Posted 8 months ago #

    i have the same problem till now !

    Illegal characters in POST. Possible email injection attempt

  6. Mike Challis
    Member
    Plugin Author

    Posted 8 months ago #

    There are forbidden characters, your email content triggered them.
    You can see what they are on line 1222 of class-fscf-process.php

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic