CVE-2021-42358: cfwc-form.php in contact-form-with-captcha/trunk – WordPress Plugin Repository

1<?php2/*3if(!is_callable(‘recaptcha_check_answer’)) require_once(WP_PLUGIN_DIR . ‘/contact-form-with-captcha/captcha/recaptchalib.php’);45$resp = null;6$error = null;78if ($_POST[“recaptcha_response_field”]) {9 $resp = recaptcha_check_answer ($privatekey,10 $_SERVER[“REMOTE_ADDR”],11 $_POST[“recaptcha_challenge_field”],12 $_POST[“recaptcha_response_field”]);13*/1415require_once WP_PLUGIN_DIR . '/contact-form-with-captcha/captcha/autoload.php’;1617if (isset($_POST[‘g-recaptcha-response’]))18{19 $recaptcha = new \ReCaptcha\ReCaptcha($privatekey);2021 $resp = $recaptcha->verify($_POST[‘g-recaptcha-response’], $_SERVER[‘REMOTE_ADDR’]);2223 if ($resp->isSuccess()) {24 25 { 26 $_POST = str_replace("\\","",$_POST);27 28 // — CONFIG PARAMETERS — //29 $email_recipient = $cfwc_to;30 $email_sender = $_POST[“contact_name”];31 $email_return_to = $_POST[“contact_email”];32 $email_content_type = “text/html; charset=UTF-8";33 $email_client = “PHP/” . phpversion();3435 // — SUBJECT — //36 $email_subject = $cfwc_subject_prefix . ' ' . $_POST[“contact_subject”] . ' ' . $cfwc_subject_suffix ;373839 // — DEFINE HEADERS — //4041 $email_header = “From: =?UTF-8?B?".base64_encode($email_sender)."?=” . " <do_not_reply@” . $_SERVER[‘SERVER_NAME’] . “>” . "\r\n";4243 //$email_header .= “Subject: =?UTF-8?B?".base64_encode($email_subject)."?=” . "\r\n";4445 $email_header .= "Reply-To: " . $email_return_to . "\r\n";46 $email_header .= "Return-Path: " . $email_return_to . "\r\n";47 $email_header .= "Content-type: " . $email_content_type . "\r\n";48 $email_header .= "X-Mailer: " . $email_client . "\r\n";4950 // — CONTENTS — //51 52 $email_contents = “<html>";53 $email_contents .= “<h2>” . $_POST[“contact_subject”] . “</h2>";54 $email_contents .= “<br><b>Sender Name:</b> " . $email_sender;55 $email_contents .= “<br><b>Sender Email:</b> " . $email_return_to;56 $email_contents .= '<br><b>Sender IP Address:</b> ' . $_SERVER[“REMOTE_ADDR”] . ' <strong>(<a href="http://www.teqlog.com/find-my-ip-address.html">Find location for this IP</a></strong>)‘;57 $email_contents .= “<br><br>” . $_POST[“contact_message”]; 58 $email_contents .= "</html>";59 60 if (mail($email_recipient, $email_subject, $email_contents, $email_header))61 { 62 if ($cfwc_success_msg != null)63 {64 echo “<center><h2>” . $cfwc_success_msg . "</h2></center>";65 }66 else67 {68 echo “<center><h2>Thank you for contacting us!</h2></center>";69 }70 } 71 else 72 { 73 if ($cfwc_failure_msg != null)74 {75 echo “<center><h2>” . $cfwc_failure_msg . “</h2></center>";76 }77 else78 {79 echo “<center><h2>Can’t send email to Administrator. Please try later</h2></center>";80 } 81 } 82 }83 } 84 else 85 {?>86878889<h2>Something went wrong</h2>90 <p>The following error was returned: <?php91 foreach ($resp->getErrorCodes() as $code) {92 echo ‘<tt>’ , $code , '</tt> ';93 }94 ?></p>95 <p>Check the error code reference at <tt><a href="https://developers.google.com/recaptcha/docs/verify#error-code-reference">https://developers.google.com/recaptcha/docs/verify#error-code-reference</a></tt>.96 <p><strong>Note:</strong> Error code <tt>missing-input-response</tt> may mean the user just didn’t complete the reCAPTCHA.</p>9798 99 <?php100 echo “<center><h2>Incorrect Captcha!</h2></center>";101 102 }103}104105106107?>108109<script language="JavaScript” type="text/javascript">110111function focuson() { document.cfwc_contactform.number.focus()}112113function check(){114var str1 = document.getElementById(“contact_email”).value;115var filter=/^(.+)@(.+).(.+)$/i116if (!( filter.test( str1 ))){alert(“Incorrect email address!”);return false;}117if(document.getElementById(“recaptcha_response_field”).value=="”)118 {119 alert(“Please enter captcha”);120 return false;121 }122}123</script>124125<script type="text/javascript">126 var RecaptchaOptions = {127 theme : '<?php echo $cfwc_captcha_theme; ?>’128 };129 </script>130131<?php echo '<link rel="stylesheet” type="text/css” href="’ . get_bloginfo(‘wpurl’) . '/wp-content/plugins/contact-form-with-captcha/cfwc.css” />’; ?>132133<div id="cfwc_contactform">134<!-- Contact form with Captcha - For more details visit http://www.teqlog.com/wordpress-contact-form-with-captcha-plugin.html -->135<form action="” method="POST” name="ContactForm” onsubmit="return check();">136137<table>138 <tbody>139 <tr>140 <td>141 <?php 142 if ($cfwc_full_name != null)143 {144 echo $cfwc_full_name ;145 }146 else147 {148 echo “Full Name:"; 149 }150 ?>151 <?php if ($cfwc_form_theme == “stacked”) {echo “<br>";} else {echo “</td><td>";} ?>152 <input name="contact_name” type="text” value="<?php if(isset($_POST[‘contact_name’]) && !$resp->is_valid ) echo $_POST[‘contact_name’]; ?>"/>153 </td>154 </tr>155 <tr/><tr/><tr/><tr/>156 <tr>157 <td>158 <?php 159 if ($cfwc_e_mail != null)160 {161 echo $cfwc_e_mail ;162 }163 else164 {165 echo “E Mail:";166 }167 ?>168 <?php if ($cfwc_form_theme == “stacked”) {echo “<br>";} else {echo “</td><td>";} ?>169 <input id="contact_email” name="contact_email” type="text” value="<?php if(isset($_POST[‘contact_email’]) && !$resp->is_valid ) echo $_POST[‘contact_email’]; ?>"/></td>170 </tr>171 <tr/><tr/><tr/><tr/>172 <tr>173 <td>174 <?php 175 if ($cfwc_subj != null)176 {177 echo $cfwc_subj ;178 }179 else180 {181 echo “Subject:"; 182 }183 ?>184 <?php if ($cfwc_form_theme == “stacked”) {echo “<br>";} else {echo “</td><td>";} ?>185 <?php186 if ($cfwc_subject == null)187 {188 echo '<input name="contact_subject” class="cfwc_inputdata” type="text” value="’; if(isset($_POST[‘contact_subject’]) && !$resp->is_valid ) echo $_POST[‘contact_subject’]; echo '"/>’;189 }190 else191 {192 $subject_tok = explode(“:",$cfwc_subject);193 echo '<select name="contact_subject">’;194 foreach ($subject_tok as $v) 195 {196 echo ‘<option value="’ . $v . ‘">’ . $v . '</option>’;197 }198 echo ‘</select>’;199 }200 ?>201 </td>202 </tr>203 <tr/><tr/><tr/><tr/>204 <tr>205 <td>206 <?php 207 if ($cfwc_message != null)208 {209 echo $cfwc_message ;210 }211 else212 {213 echo "Message:"; 214 }215 ?>216 <?php if ($cfwc_form_theme == “stacked”) {echo “<br>";} else {echo “</td><td>";} ?>217 <textarea name="contact_message” id="contact_message” ><?php if(isset($_POST[‘contact_message’]) && !$resp->is_valid ) echo $_POST[‘contact_message’]; ?></textarea></td>218 </tr>219 <tr/><tr/><tr/><tr/>220 <tr>221 <td>222 <?php if ($cfwc_form_theme == “stacked”) {echo "<br>";} else {echo “</td><td>";} ?>223 <?php224 if ($publickey != null)225 {?>226 <div class="g-recaptcha” data-sitekey="<?php echo $publickey; ?>"></div>227 <script type="text/javascript"228 src="https://www.google.com/recaptcha/api.js?hl=en">229 </script>230 <?php231 }232 else233 {234 echo “To use reCAPTCHA you must get an API key from <a href=’https://www.google.com/recaptcha/admin/create’>https://www.google.com/recaptcha/admin/create</a> and enter it from the plugin menu";235 }236 ?>237 </td>238 </tr>239 <tr/><tr/><tr/><tr/>240 <tr>241 <td>242 <?php if ($cfwc_form_theme == “stacked”) {echo “<br>";} else {echo “</td><td>";} ?>243 <input name="Contact_Send” value="<?php if ($cfwc_button != null){ echo $cfwc_button ; } else { echo “Send Message";} ?> " type="submit"> 244 <input name="SendMessage” value="1” type="hidden">245 </td>246 </tr>247 <tr>248 <td>249 <?php 250 /*if ($cfwc_credit != “true”)251 echo '<p class="credit">Powered by <a href="http://www.teqlog.com">Technology blog</a></p>’;252 else253 {254 echo '<div id="cimg"><a title="Technology Blog” href="http://www.teqlog.com/"><img src="’ ; echo WP_PLUGIN_URL; echo '/contact-form-with-captcha/1.gif” alt="Technology Blog” /></a></div>’;255 }*/256 ?>257 </td>258 </tr>259 </tbody>260</table>261262</form>263<!-- Contact form with Captcha - For more details visit http://www.teqlog.com/wordpress-contact-form-with-captcha-plugin.html -->264</div>