WordPress.org

Ready to get started?Download WordPress

Forums

Postcards
spam prevention needed (1 post)

  1. NoProbRob911
    Member
    Posted 1 year ago #

    There is no CAPTCHA or other method to prevent a postcard from being accessed remotely and used for spamming, as in this example:

    http://example.com/?ecimg=example.com/wp-content/uploads/2013/01/IMG_3410.jpg&ecurl=example.com/?p=2302

    This is a SERIOUS FLAW, the ramifications of which should be seriously considered before implementing this plugin on a live site!

    I recommend you implement the following security features to make this a nifty little plugin:

    • Add referrer check to email sending routine (not foolproof but at least a start)
    • Add a CAPTCHA to email sending routine

    Thanks for your time and an otherwise great plugin!

    http://wordpress.org/extend/plugins/postcards/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic