WordPress.org

Forums

Custom Contact Forms
Spam? (2 posts)

  1. TheWebsiteWordsmith
    Member
    Posted 2 years ago #

    Every once in a while I get what I assume is spam, but I don't know. The form is filled out with

    <script>alert("xssvuln")</script>

    over and over and it will send me like 20 emails. What is this? How do I stop it?

    http://wordpress.org/extend/plugins/custom-contact-forms/

  2. dentm42
    Member
    Posted 2 years ago #

    There (is/was) a cross site scripting vulnerability in Custom Contact Forms. The text you quote is part of the way to exploit it. Not sure how to stop it per se. Also not sure from the tracking whether it's been fixed or not.

    More info: http://plugins.trac.wordpress.org/ticket/1520

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Custom Contact Forms
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic