Support » Plugin: Ninja Forms Contact Form - The Drag and Drop Form Builder for WordPress » Thousands of empty random spam mails

  • Resolved hutruk


    I have a problem with a Ninja Form on a Website. I have the most recent WordPress version and all plugins are up to date. I use several different Ninja Forms on different pages across one website. But the problem persists with only one of them. From time to time a get a wave of thousands empty spam emails containing only a random email and nothing else. The spam seems to bypass the honey pot, the anti-spam field and all the other required fields. The messages are empty except for random email addresses. The strangest thing is that even after I have deleted the contact form from the page (but kept it in the dashboard) the spam kept coming. So I had to actually delete the complete form from the backend. Any ideas what kind of exploit that could be?

Viewing 6 replies - 1 through 6 (of 6 total)
  • sunnypek


    Pretty sure it is Ninja Forms problem. I have had hundreds of Canadian Pharmacy spams when I was using their plugin. Deactivated it and the spam stopped. I recommend you to find another contact form.

    If you’re using the Conditional Logic extension, there’s a vulnerability that allows bots to bypass reCAPTCHA. I have posted a solution for that here:

    Plugin Contributor Justin McElhaney


    @sunnypek and @hutruk Can you make sure that your Ninja Forms plugin is updated to the latest version. Can you also add a reCaptcha field to your form and see if you are still receiving the spam entries.
    If you continue to have issues, can you contact our official support channel.



    hello, i dont use Conditional Logic extension, and i have this spam problems.
    recaptcha dont register views or fails, or success…
    it must be jump over recaptcha

    Plugin Contributor Justin McElhaney


    If you are still having issues with Spam, make sure that you are using Ninja Forms and have v2 reCaptcha keys added to Ninja Forms > Settings Alternatively, you can use an Akismet action on your form.

    If you have the Conditional Logic add-on installed, make sure you update to version

    If all of these conditions are met and you are still having issues with this Spam, can you contact us at so we can take a closer look at the issue on your site.

    v2 reCaptcha keys added to Ninja Forms > Settings

    @jmcelhaney Does that mean that V3 isn’t supported? If so is support for V3 in your roadmap? The settings page doesn’t actually have anything stating a limitation here so it would be great if you could add some copy text to indicate that. Or even validation if you can determine the type from the user input.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Thousands of empty random spam mails’ is closed to new replies.