WPTavern Forum Admin
Contact Form 7 Security Vulnerability
Mark Jaquith over Twitter today mentioned that Contact Form 7 was being exploited and that anyone using it should uninstall it. That's what I've done to both WPTavern and Jeffro2pt0 but I have yet to see any detailed information regarding the hack or exploit. Anyone else?
Big Tipper
WPTavern Forum Moderator
Darn. I use this on two sites :(
Hopefully they get it fixed ASAP.
WPTavern Forum Moderator
WPTavern Forum Admin
Yep been in touch with that thread. I have a post going live at 7AM to let people know of the *potential* security problem with the plugin. Hope it is quickly fixed as it's my favorite contact form plugin. Works perfectly for me and no spam.
Hello World
Hello World
Looks like the security issues may have been resolved. I didn't see any details but the developer made a post today.
http://ideasilo.wordpress.com/2009/0...t-form-7-1951/
April 23, 2009
I have recently released Contact Form 7 1.9.5.1. This update includes several security fixes, so upgrading quickly is highly recommended.
WPTavern Forum Admin
Thanks for the update. Going to have to reinstall it and reconfigure it on my sites again. Looks like the security vulnerability had something to do with not having default restrictions on file types and file size uploads.
I think I need to donate $20.00 to this guy for fixing it as I love this plugin.
Hello World
It's a fantastic plugin. The forms setup in the config page is a little ugly but you can't knock a plugin that addresses security issues like this so quickly.
WPTavern Forum Admin
Yeah, ended up giving the guy $20.00 for fixing it so quickly. He was really appreciative of the donation. I thought it sucked that such an awesome plugin only made him about $100.00 in total so far.
Posting Permissions 
LinkBack URL
About LinkBacks
Reply With Quote