WordPress.org

Ready to get started?Download WordPress

Forums

Contact Form 7
[resolved] Possible vulnerability (2 posts)

  1. MkStreetlane
    Member
    Posted 3 years ago #

    Hi. I recently added the contact form plug in (latest version) to all pages of my site. I UN-checked the allow comments option on all pages.

    A few days later I then received an email from someone who was probably a spammer from some SEO company and who had filled out the form on one of the pages

    The email or the post that created it did not appear anywhere on the WP admin panel, nor could I find any way to remove it.

    I was not too worried however, until I googled some of the text in the email and found links from google to my site!!

    IMHO this is a serious vulnerability as the post / email cannot be moderated or deleted and although it does not appear on the site it can be found on google and is a great way for spammers to get links as well as post malicious comments about the site. Surely the content of a "Contact Us" form should be completely confidential!

    I have since had a couple more emails from probable spammers and have had to remove the contact form until this issue is resolved.

    Best Regards
    Martin Kelly

  2. MkStreetlane
    Member
    Posted 3 years ago #

    Sorry, please ignore this post.... My fault
    Regards
    Mk

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic