WPForms
Menu Wordpress
Menu WPForms
 

WPForms

On futher investigation into the compromising of contact forms I started to speculate on whether an email address could be verified on a form before it was submitted. I have observed that the simple Wordpress Contact form will allow the submission of the form without checking that the email address actually existed.

The consequence of this is that a contact form could be "spammed" or "used inappropriately" by filling the email field with text that looks like an email address (has the correct format with an @ and a domain after the @). These emails did not exist and they were not checked.

There seem to be many ways that this can be achieved - a Wordpress admin that sees this as "abuse" should not be the admin of a Wordpress website.

The WPBeginners website said:

One of our friends recently shared how, when they launched their first WordPress site, they posted their email on the contact page to stay in touch with visitors. Big mistake. The spam was endless, and he missed important messages buried in his inbox.

That’s when he realized it was time for a proper contact form.

Top

As I am not using a contact form this discussion is a little accademic.

Links

Link to PDF Disabled

If you require a copy please email tempusfugit.me.uk

Go to Scan

Top

References - a note on these -

  • 1 - WPForms - https://wpforms.com/
  • 2 - I Tried 9 WordPress Contact Form Plugins & Here Are My 5 Picks - https://www.wpbeginner.com/plugins/5-best-contact-form-plugins-for-wordpress-compared/
  • 3 - Free email address verification tool - https:// tools.emailhippo.com/

Site design by Tempusfugit Web Design -

Mobile Update - June 2024
Design Pages
Top of page