FS Contact Form no longer in WP Market?

Notification by Wordfence: Critical Problems:
* The Plugin “Fast Secure Contact Form” has been removed from www.remarpro.com.

If this is true, should we move to another plugin?

Hi, the plugin is under new management. I think the new owners have taken the plugin offline for now until they sort things out in the back end.

Kind regards

Indeed the plugin has been removed.

The bypass: I have zippend the plugin from another site and uploaded it into another. This works perfectly. If you need a zipped version, please let me know.

Next steps: You have to select and check out another plugin. Suggestions welcome. Problem with a number of free plugins is they can be sold to another company that wants to make money or the plugin is abandoned.

Yes Open Source is like a pizza contract. The base is free and the toppings can get very expensive.

• This reply was modified 7 years, 2 months ago by Ronald.

I am the original author of Fast Secure Contact Form. This plugin had a new owner in June 2017 with a WP user profile name “fastsecure”. The new owner attempted to put code in several of his newly acquired WordPress plugins that would connect to a 3rd party server he also owned and place spam ads for payday loans and such in the WP posts. The new owner put spam code in versions 4.0.52 4.0.53 4.0.54 and 4.0.55 but it failed to display any spam because he put the code in the secureimage.php file. The malicious code required WordPress libraries to also be loaded to execute. The reason the spam code did not do anything at all is because the secureimage.php file is not included in the WordPress run time environment. The secureimage.php file is included from another file securimage_show.php that loads the captcha image directly from html img src outside of the WordPress run time. The spam code in this plugin was never activated, it would not have corrupted your posts or changed anything in the WordPress database.

I am sorry for any inconvenience this has caused. The plugin was taken off the WordPress repository by WordPress staff until this can be sorted out. Perhaps a new version will soon be published with clean code from version 4.0.51. In the meantime it should be advised to deactivate or uninstall the plugin. But I caution you that if you delete the plugin from the WordPress plugin settings menu, your forms stored in the database will also be deleted. If you like the plugin and want to delete it now and possibly use it again in the future you can back up your forms prior to deactivate or deleting. The ‘Backup Settings’ tool is on the Tools tab of the form settings menu. This tool can save a backup of your contact form settings. Here is how to backup: Select a form to backup: (choices are: All Forms, Form 1, Form 2, etc), then click the Backup Settings button. This will generate a file download that you save on your computer. The file will be a text file named like this: “contact-form-backup-1.txt”. That is your backup file, keep it in a safe place in case you want to restore it someday.

In short: you should disable this plugin as soon as possible and follow the steps from Mike Challis as written above.

• This reply was modified 7 years, 2 months ago by Ronald.

Hi, I am sorry to all for my comment above. I never thought someone would do that. I hope @mikechallis can fix this issue for all us who use this great plugin including myself.

Kind regards

• This reply was modified 7 years, 2 months ago by mbrsolution.

Could be related to this
https://www.wordfence.com/blog/2017/09/man-behind-plugin-spam-mason-soiza/

Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites
https://www.wordfence.com/blog/2017/09/display-widgets-malware/

I have released a clean version of this plugin, with the malicious code removed.

Version 4.0.56 is clean, and has the various changes from the new owner backed out. You can safely upgrade to it through the normal process.

This plugin will not be relisted in the Plugin Directory, nor will it receive any further updates. I recommend finding an alternative plugin for your future needs.

Wow another one! First I lose Display Widgets and now this one too! HTH. Not happy.

Mike Challis sorry your plugin got hacked.. hope you rework it and add it back to the repository. I always trusted the repository for clean plugins.. ??

Thank you, both Mike Challis, for the awesome plug-in I’ve used for years and sorry this happened to you – Thank you, Samuel Wood (Otto) for getting the fix in place while I research what to move to. So glad the community here has the dedicated folks it does – I still surmise they waaayyy outnumber the ‘rotten apples’ – ?? Thanks again!!

“Version 4.0.55 | By fastsecure” on “wp-admin/plugins.php?plugin_status=upgrade” has a link to “fastsecure” with a URL of “https://www.642weather.com/weather/scripts%5B.%5Dphp.” I put the dot in straight brackets in case that php file is malicious.

Should WordPress push notifications to wp-admin/plugins.php?plugin_status=upgrade so that admins can be informed in as near real time as possible what’s happened and is happening, etc.? I might even go for WordPress being able to deactivate a malicious plugin and send me an email, etc., informing me.

It could get complicated quickly though if the problem plugin is a security plugin, in which case WordPress could at least push a notification or maybe even update the problem plugin with the bad code stripped out.

These are just my first-reaction thoughts on it and are subject to change, of course, as new info comes out.

Thanks for all the steps that have already been taken!

Oh, shouldn’t the “View version 4.0.56 details” link have included info on this issue even though the plugin had been removed from the repository? Thanks again.

Oh, shouldn’t the “View version 4.0.56 details” link have included info on this issue even though the plugin had been removed from the repository?

This is a known issue that we have not been able to fix at this time. We don’t use this “hidden but updating” status very often, so it’s not fully feature complete. Nevertheless, the update process itself works fine.

Thank you Mike for the plugin that has served me so well for the past 4 years and for the information.

Thank you Otto for explaining about the new update and the details link issue.

I’d like to thank Mike also. It has been my favorite plugin and had been featured in my new ebook. Fortunately (or unfortunately for my readers), I was able to pull the recommendation the day before launch.

For years, and its been so many I don’t even remember how many, I have been using this plugin, and occasionally donating a small bit to Mike, who is probably the ONLY person to ever receive multiple donations from me.

I hope someone, with Mike’s character and devotion is able to restore this plugin, a valuable part of my website.

Thanks again Mike!
Kirk Ward