• Resolved Martijn van der Kooij

    (@martijn-van-der-kooij)


    I have not installed this plugin. I found out about this plugin because a 404 was logged on:
    /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php

    This was a call from a Russian IP.

    Can someone explain to me why someone is trying to run a (non-existent) PHP script?
    And what is the content of that PHP file? It is an empty file in the plugin download.

    Very odd.

    https://www.ads-software.com/plugins/sexy-contact-form/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Creative-Solutions

    (@creative-solutions-1)

    Hello,

    There was a security bug in old versions of Creative Contact Form.
    We have fixed the bug and changed the structure of the scripts, but keep the empty file to allow the updater to overwrite the old file, which has a bug in it.

    Some sites have written about that bug, probably that is why someone tries to run that script on your site.
    Anyway the bug was solved, and this plugin is absolutely safe now.

    Best Regards,
    Simon

    After multiple WP sites on the same (mine) server were all recently infected with the SoakSoak virus, and the abuse department at my host tracked it to the “Creative Contact Form” plugin at the following location, I no longer trust it. In the host’s words:

    “The following URL was being used as an open uploader to your
    account:

    (URL changed below by me)
    https://www.mysite.com/wp-content/plugins/sexy-contact-form/includes/fileupload

    I locked down the directory
    public_html/50marketing/wp-content/plugins/sexy-contact-form/includes/fileupload/files/,
    where malicious files were being uploaded for now, but you may wish to
    consider, at the very least, removing the upload feature of that plugin.”

    Plugin Author Creative-Solutions

    (@creative-solutions-1)

    Hello,

    The bug has been fixed since version 1.0.0.
    Sorry for any inconvenience you had.

    As I write in the forums, after the update you should remove all files from the wp-content/plugins/sexy-contact-form/includes/fileupload/files/ directory, because the updater script cannot delete files.

    Or you can just uninstall the plugin, then install it again.

  • The topic ‘Strange behaviour’ is closed to new replies.
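
An added example, not part of the thread and not the plugin's own code: a defender-side check that classifies access-log requests to the uploader path named in the first post, and lists files still present in the `fileupload/files/` directory that the plugin author says the updater cannot delete. The combined log format, the sample log lines, the verdict labels and the function names are assumptions of this example.

```python
import re
from pathlib import Path

# Plugin path as quoted in the thread; relative to the WordPress root.
UPLOAD_DIR = "wp-content/plugins/sexy-contact-form/includes/fileupload"

# Assumed format: Apache/nginx combined log (ip - - [time] "METHOD path PROTO" status ...).
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# Constructed sample lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2015:04:11:02 +0000] "GET /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php HTTP/1.1" 404 512 "-" "-"
198.51.100.9 - - [01/Jan/2015:04:12:40 +0000] "POST /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php HTTP/1.1" 200 97 "-" "-"
192.0.2.4 - - [01/Jan/2015:04:13:00 +0000] "GET /index.php HTTP/1.1" 200 8041 "-" "-"
"""

def classify_requests(log_text):
    """Return (ip, method, status, verdict) for each request under the uploader path."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or UPLOAD_DIR not in m.group(3):
            continue
        ip, method, _path, status = m.groups()
        code = int(status)
        if code == 404:
            verdict = "probe-only"    # file absent: plugin not installed, as in the first post
        elif 200 <= code < 300:
            verdict = "investigate"   # file exists here: check plugin version and files/
        else:
            verdict = "review"        # e.g. 403 after a directory lock-down
        hits.append((ip, method, code, verdict))
    return hits

def leftover_uploads(wp_root):
    """List files remaining in fileupload/files/ below the given WordPress root."""
    files_dir = Path(wp_root) / UPLOAD_DIR / "files"
    if not files_dir.is_dir():
        return []
    return sorted(str(p.relative_to(files_dir)) for p in files_dir.rglob("*") if p.is_file())

if __name__ == "__main__":
    for hit in classify_requests(SAMPLE_LOG):
        print(hit)
    print(leftover_uploads("."))  # run from the WordPress root
```

A 2xx answer alone does not show the old bug is present, since the fixed plugin ships an empty `index.php` at the same path; it only tells you the plugin is installed and the `files/` directory is worth checking.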