Hidden submissions

  • Resolved emuninja

    (@emuninja)


    1 year, 6 months ago

    We’ve seen an issue on our site where a payment form appears to be being abused from external parties (with both reCAPTCHA v3 invisible and the honeypot enabled.)

    We’re a bit unsure how the attack appears to submit entries as it should need valid data include a valid credit card but we’ve seen more than 5000 of these kind of fake/hidden/broken submissions over the past week.

    The submissions show up in the form_entry table, but have no entries in the form_entry_meta table.

    What’s the best way to try and catch more information around this problem?

Viewing 9 replies - 1 through 9 (of 9 total)
  • Plugin Support Amin – WPMU DEV Support

    (@wpmudev-support2)

    Hello @emuninja ,

    Just to be sure we are on the same page – the payment form with an active payment gateway which is required to submit the form is getting spam entries?

    This is a strange issue.

    Would you mind sharing URL of the form so we can check it?

    Also, please export the form and share it with us for deeper investigation. Please see here how to export it https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#import-export

    When you have exported the form please share it with us using pastebin.com or a service like gdrive.

    kind regards,
    Kasia

    Thread Starter emuninja

    (@emuninja)

    Yep, active gateway, receiving what appears to be spam entries, since we can’t see any of the details, it’s bit hard to be sure, but the form became about 5000% more popular in one day, so it’s unlikely to be real submissions.

    We’ve had to take down the form/page for the moment while trying to figure this one out. I can look at getting you an account, let me know how to send you login credentials.

    Pastebin of form (with redactions made to messages/identifying information) https://pastebin.com/euX40BBM

    Hi @emuninja,

    Hope this message finds you well and thanks for the information.

    Could you submit the login details at this form https://wpmudev.com/contact/#i-have-a-different-question, please?

    Kindly follow the template as follows:

    Subject: "Attn: Laura"

— Admin login:
Login URL:
Admin Username:
Admin Password:
---

Link where is published/draft the form.

Link to this thread: https://www.ads-software.com/support/topic/hidden-submissions/

    Please let us when you submitted this, so we can take a closer look.

    Kind regards,
    Laura

    Thread Starter emuninja

    (@emuninja)

    Hi Laura

    Thanks, those details have just been submitted.

    Plugin Support Nebu John – WPMU DEV Support

    (@wpmudevsupport14)

    Hi @emuninja,

    Could you please revert back to our email response so that we can help you further?

    Kind Regards,
    Nebu John

    Plugin Support Amin – WPMU DEV Support

    (@wpmudev-support2)

    Hello @emuninja ,

    You haven’t contacted us for over 2 weeks, so I will allow myself to close this ticket.

    If you still need help, just let us know.

    kind regards,
    Kasia

    Thread Starter emuninja

    (@emuninja)

    Hi Kasia

    We provided the login details to our site but heard nothing back from your team. Those login details are still valid if the team want to login and check the site.

    Hi @emuninja,

    Would you mind checking your email inbox maybe SPAM? We share further steps with you. Thanks.

    Best regards,
    Laura

    Thread Starter emuninja

    (@emuninja)

    Hi Laura, it looks like that email thread is being blocked by google (might explain why previous replies didn’t come through to you/Nebu.) I’ve started a new email thread and sent you a reply.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Hidden submissions’ is closed to new replies.