I’m not sure if this is a sign of things to come, but I have noticed a few websites we manage seem to be letting spam through the forms, despite having anti-spam honeypots & reCaptcha enabled.
At the moment, it seems to only be on two websites we manage and they are totally unrelated, but noth seem to be suffering the same issues.
And we’re talking a fair bit of obvious spam, too;
Lots of .ru domains and stuff, none of the names are sensible – the actual entries are all like this;
So like I said – obviously spam.
I have regenerated details, switched from V2 to V3, reinstalled plugins – still nothing.
During my investigation today, I spotted this in the entries screen;
I Googled this, and found someone talking about it but they asked the OP to check if they have green ticks next to the API details;
Same for the v2 details – green ticks all over.
I did some deep searching and found that there are services called XEvil – which seem to be freely available to download and use by anyone who wants to be an absolute nuisance. Its software that has been designed using AI to bypass Captcha 🙁
Anyone else noticed issues like this on WordPress websites, or any other CMS?
Leave a Reply