spam prevention needed

  • There is no CAPTCHA or other method to prevent a postcard from being accessed remotely and used for spamming, as in this example:

    https://example.com/?ecimg=example.com/wp-content/uploads/2013/01/IMG_3410.jpg&ecurl=example.com/?p=2302

    This is a SERIOUS FLAW, the ramifications of which should be seriously considered before implementing this plugin on a live site!

    I recommend you implement the following security features to make this a nifty little plugin:

    • Add referrer check to email sending routine (not foolproof but at least a start)
    • Add a CAPTCHA to email sending routine

    Thanks for your time and an otherwise great plugin!

    https://www.ads-software.com/extend/plugins/postcards/

  • The topic ‘spam prevention needed’ is closed to new replies.

Tags