A General Technology & Development Blog

Technology, Development, Programming – Magento, Wordpress.

Home » WordPress beware of outdated plugins including cforms

WordPress beware of outdated plugins including cforms

WordPress users beware of outdated plugins, including cforms.

Update your plugins to stop hackers exploiting them. If they have been discontinued or have not been updated in the last year i recommend removing them and replacing them with a similar plugin.

Cforms has been discontinued due to vulnerabilities within the script. The author on their website said this:

“I’ve just recently been made aware of potentially new security concerns around PHP injection attacks, which I took as a reason to make a long over due call. As of today, I give up cforms and lay it to rest.”

The plugin allows a php file (which is a malicious script) to be uploaded and run from your server.

If you are using this plugin, your server could be compromised and used for mail-spam.

Some common places to look to see if this has happened is:

  • Look out for an enquiry from email address “emailnew[at]mail.com”.
  • Check the plugin folder ‘/wp-content/plugins/cforms/’ for a file called “noid-mootools.php”
  • Was this Helpful ?
  • Yes   No

Name of author

Name: BlogOwner

Short Bio: "The master has failed more times than the beginner has even tried."

eXTReMe Tracker