WordPress.org

Plugin Directory

wp-contact-form

Opened 12 years ago

Closed 12 years ago

#383 closed defect (duplicate)

Spamming via wp-contact-form

Reported by: lmlweb Owned by: ryanduff
Priority: normal Severity: major
Plugin: wp-contact-form Keywords: spamming via form
Cc:

Description

Lately I have been getting spam emails, but I'm not sure if they actually work or if it's a constant testing to see if the form is exploitable. An example is shown below. They are all using the same bcc. Judging from the PHP files of the form plug in, every effort is made to root out bad entries. So I'm not sure if this is a true spam vulnerability, or if someone is testing for vulnerability. This happens every Sunday and Monday, and at least 2 attempts each day.

Any comments or suggestions?

example
to9037@… wrote:
cost
Content-Type: multipart/alternative; boundary=6e344faab6058a92366a8126411b5550
MIME-Version: 1.0
Subject: hostrup ou and my ilhelm had already made her
bcc: charleses3229@…

This is a multi-part message in MIME format.

--6e344faab6058a92366a8126411b5550
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

prize fighter to do me fightin f r me, a pedesthreen to do me walkin , a jockey to do
--6e344faab6058a92366a8126411b5550--

.

Website: to9037@…
IP: 170.171.250.51

Change History (1)

comment:1 @mastermind12 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

This is already being discussed in http://dev.wp-plugins.org/ticket/372
Please research before posting.

Note: See TracTickets for help on using tickets.