Got a “suspect” Mail about “sql injection vulnerability”

  • Hi there gt tonight this Email:

    `Von: Steffan <[email protected]>
    Betreff: i found a sql injection vulnerability on your website

    Nachrichtentext:
    Hello,

    I have found a vulnerability on your with a very high critical risk to your system, it leads access to the whole website’s database, including the personal data of the users.

    I am willing to reveal the vulnerability to you as soon as possible, let me know if this is the appropriate email address to disclose & handle it.

    Looking forward to hearing from you,

    Best regards.`

    I Checked the Domain from the sender but it is not exosting, so i guess someone is trying to get more details from me… Any ideas?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Yui

    (@fierevere)

    永子

    You got a ransom mail most likely, however usually they ask to send them BitCoins right away.

    Hardening WordPress

    You get this kind of mail from many people. Don’t provide any information to them and don’t hire them for work.
    If you have any personal/regular developer then you can ask him if he made any custom form in the website and it’s being used on any page then you can review that form.

    If you’re using forms with 3rd party plugin then you don’t need to worry about it.

    Thread Starter leogc

    (@leogc)

    I Use Forms from ContactForm7 only and a registration form from Wp Membership, thats all. ok i will deletie this email and will not respond ?? Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Got a “suspect” Mail about “sql injection vulnerability”’ is closed to new replies.