WordPress beware of outdated plugins including cforms
WordPress users beware of outdated plugins, including cforms.
Update your plugins to stop hackers exploiting them. If a plugin has been discontinued or has not been updated in the last year, I recommend removing it and replacing it with a similar plugin.
Cforms has been discontinued due to vulnerabilities within the script. The author on their website said this:
“I’ve just recently been made aware of potentially new security concerns around PHP injection attacks, which I took as a reason to make a long overdue call. As of today, I give up cforms and lay it to rest.”
The plugin allows a PHP file (in this case a malicious script) to be uploaded to your server and run from it.
If you are using this plugin, your server could be compromised and used for mail-spam.
Some common places to look to see if this has happened are:
- Look out for an enquiry from email address “emailnew[at]mail.com”.
- Check the plugin folder ‘/wp-content/plugins/cforms/’ for a file called “noid-mootools.php”.
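
The two checks above can be scripted so they are repeatable across several sites. This is an added example, not part of the original post: the function name `check_cforms`, its return codes and the optional second argument (an exported enquiry list or mail log, as plain text) are assumptions of the example, and the sender address is written with `@` in place of the `[at]` used above.

```shell
#!/bin/sh
# Added example: look for the two indicators named in this post.
# Usage: check_cforms <wordpress_root> [enquiry_export_or_mail_log]
# Return codes (this example's own convention):
#   0 = nothing found, 1 = cforms installed, 2 = an indicator was found.

INDICATOR_FILE="noid-mootools.php"     # file name given in this post
INDICATOR_SENDER="emailnew@mail.com"   # post writes it as emailnew[at]mail.com

check_cforms() {
    local wp_root log_file plugin_dir hits result
    wp_root="$1"
    log_file="${2:-}"
    plugin_dir="$wp_root/wp-content/plugins/cforms"
    result=0

    if [ -d "$plugin_dir" ]; then
        echo "WARN: discontinued plugin present: $plugin_dir"
        result=1
        # Match the file name case-insensitively, including subfolders.
        hits=$(find "$plugin_dir" -type f -iname "$INDICATOR_FILE" 2>/dev/null)
        if [ -n "$hits" ]; then
            echo "ALERT: indicator file found:"
            echo "$hits" | sed 's/^/  /'
            result=2
        fi
    else
        echo "OK: cforms not installed under $wp_root"
    fi

    # Optional: search a text export of enquiries or a mail log for the sender.
    if [ -n "$log_file" ] && [ -r "$log_file" ]; then
        if grep -qiF -- "$INDICATOR_SENDER" "$log_file"; then
            echo "ALERT: enquiry from $INDICATOR_SENDER in $log_file:"
            grep -niF -- "$INDICATOR_SENDER" "$log_file" | sed 's/^/  /'
            result=2
        fi
    fi
    return "$result"
}

# When arguments are given, run the check directly:
#   sh check_cforms.sh /var/www/html /path/to/enquiries.txt
if [ "$#" -gt 0 ]; then
    check_cforms "$@"
fi
```

A return code of 1 means the plugin is installed but neither indicator was seen; the post's advice to remove and replace the plugin still applies in that case.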