Possible security breach

  • I have monitored many suspicous registrations in last months from, presumably, Russia, since a security plugin installed successfuly caught many SQL-injection attempts from IPs originating in Russia…

    Only outside entrance on the site is the registration form, and we are having very suspicious registrations example:

    Username: Veronafyt Name: Veronafyt Last name: Veronafyt, email: [email protected]

    and a LOT of registration similar to this one,
    I’ve tried to bypass the captcha on the registration page, that didn’t work,
    but these registrations are coming again and again 3-5 per day,

    could you please revise this captcha plugin and Ultimate Member plugin for possible security breaches allowing skipping the ReCaptcha confirmation?’

    Thank you for your work !

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter jave.web

    (@javeweb)

    I’m reporting that even after latest updates of both Ultimate Member plugin and this recaptcha plugin we are still getting russian-attack-like accounts (like 10 per day) all somehow bypassing the captcha.

    wiresandwifi

    (@wiresandwifi)

    Good day,

    I am having the exact same issue and the exact same looking email addresses.

    I have tried Recaptcha V2 and V3.

    Under Blocked email addresses I have the following.
    `*@*.ru
    *.*.*.*.*.*.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*.*@gmail.com
    *.*.*.*.*.*.*.*@gmail.com

    Nothing seems to be keeping them out.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Possible security breach’ is closed to new replies.