Support » Plugin: Contact Form 7 » Irresponsible authors damage the WP community

  • The latest debacle of CF7 upgrade is one of the worst cases of irresponsible behaviour I have seen from a WP developer. In my book it is malicious behaviour. There, I said it!

    Here is the Change Log for 7.5

    Introduces the Constant Contact integration module.
    Updates the reCAPTCHA module to support reCAPTCHA v3.

    Where does it say that v2 is discontinued? How can we understand that by upgrading the plugin we have to re-register every site again with Google? If we don’t reCAPTHA will stop working.

    When a plugin is used by millions the author has a responsibility. He cannot simply bring out a version that breaks a very important function of the job plugin does. In the Net we cannot have a contact form without a form of CAPTCHA. This is a fact!

    By hiding his actions he acted maliciously with or without intend I don’t care. All I know is that his upgrade broke all my websites, 200+ of them. I’m sure there are thousands more in my position.

    I will replace CF7 as soon as possible. I can’t trust the author anymore.

    Can you imagine the amount of spam passing through now because of this upgrade shambles? Hence my use of the word malicious…

    • This topic was modified 1 year, 5 months ago by sarumbear.
Viewing 5 replies - 1 through 5 (of 5 total)
  • Zach

    (@wackywired135)

    I too am extremely disappointed with the latest update. reCAPTCHA v2 is still a valid solution, doesn’t make sense to force v3.

    Change line ~112 of wp-content/plugins/contact-form-7/modules/recaptcha.php
    from: return $spam;
    to: return true;

    I can tell with a great certainty that the above hack is working. I have applied the hack to 200+ sites 18 hours ago. Since then contact form submissions reduced from 3000+ a day to 100+ a day, a 30 fold decrease, which is the average figure I had before the CF7 was “updated”.

    As I said above, I am extremely disappointed with the plugin author. He has helped spammers big time and he is still helping — by not patching it!

    A film scenario can well be:

    There is a sleeper spammer. A clever one. He writes a good plugin that does a very useful job. Entire WordPress community starts to use it. After 5 million downloads the author makes a change in disguise of an upgrade (v2 to v3) which breaks the previous functionality, forces everyone to re-register.

    For the diligent few who will re-register, he introduces a bug to so that the plugin does not function at all. His job is done: Now 5 million users are feeding the spammers coffers.

    Now you may see more why I see the authors actions as malicious. Especially after reading all posts about the patch and staying silent!

    The author of CF7 has been on the Forum answering oe query|:

    https://wordpress.org/support/topic/your-email-in-mail-2-does-not-work/

    If he is monitoring the forum then why is he ignoring the proved bug in his code? I can’t believe that my far fetched film scenario is becoming more like the reality.

    Moderators: please put a sticky note at the very top of the forum, calling the author to be responsible.

    It seems the author has commented on this issue 4.5 days ago.

    https://wordpress.org/support/topic/recaptcha-v3-if-g-recaptcha-response-is-empty-submission-never-be-verified/

    He does not want to include the hack because on some rare occasions the form will fail to deliver legitimate submissions.

    Really?

    Who on their right mind want a wide open sieve so that an occasional pea does not fail to pass?

    Irresponsible behaviour is proven…

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Irresponsible authors damage the WP community’ is closed to new replies.