Good luck pen price.Claim Your Free 999 Pesos Bonus Today

Gabri
(@juegos)

4 years, 11 months ago

Hello, it’s been a month or so I get random images uploaded on my WordPress media. Last night I got another one and today I decided to check everything better. I was using CF7 5.1.5 and I just updated to 5.1.7.

This is what I see on my logs when the unwanted images where uploaded:

GET /contacto/ HTTP/1.0
POST /wp-json/contact-form-7/v1/contact-forms/4084/feedback HTTP/1.0

All this from an IP in Ukraine and I see many other websites on Google when I look for the same image name we got uploaded, all hacked with russian spam links.

What could I do there? Do you have an idea of where is the problem?

Thank you in advance,
Gabriel

Viewing 9 replies - 1 through 9 (of 9 total)

Thread Starter Gabri
(@juegos)

4 years, 11 months ago

I forgot to add, there is no image or any other filetype upload option on the form and we are using Google reCAPTCHA v3.

Plugin Author Takayuki Miyoshi
(@takayukister)

4 years, 11 months ago

Where can we see the website in question?

Thread Starter Gabri
(@juegos)

4 years, 11 months ago

Hello, the website is (remove spaces): culti fort . com

Thank you

Thread Starter Gabri
(@juegos)

4 years, 11 months ago

Hello again, did you manage to find anything strange?

Thank you

Plugin Author Takayuki Miyoshi
(@takayukister)

4 years, 11 months ago

See Setting up mail

What email settings do you have in the Mail tab panel for the contact form on the Contacto page?
Thread Starter Gabri
(@juegos)

4 years, 11 months ago
Hello again, these are the settings we have (remove space before “.com” please):

cultifort .com/wp-content/uploads/2020/04/CleanShot-2020-04-12-at-16.46.54.jpg

Thank you again
- This reply was modified 4 years, 11 months ago by Gabri.
Plugin Author Takayuki Miyoshi
(@takayukister)

4 years, 11 months ago

What other plugins and theme do you use on the site?

Thread Starter Gabri
(@juegos)

4 years, 11 months ago

Hello,

theme is Avada. Plugins in use (remove space before .com):

cultifort .com/wp-content/uploads/2020/04/CleanShot-2020-04-13-at-18.59.11.jpg
cultifort .com/wp-content/uploads/2020/04/CleanShot-2020-04-13-at-18.59.36.jpg

Thank you again for all your help.

Plugin Author Takayuki Miyoshi
(@takayukister)

4 years, 11 months ago

Try switching to the default theme and deactivating all the plugins excluding Contact Form 7 and Flamingo.

Why you are advised to deactivate plugins and switch to the default theme.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘Hack – Image upload via Contact Form’ is closed to new replies.

Tags