HTML form rendering with weird hidden input fields

  • Resolved scalabria

    (@scalabria)


    3 years, 11 months ago

    I have a hubspot lead form on my site to collect customer info. On our live production site, there are hidden input fields with encrypted looking name and value attributes. Here is an example:

    <input type=”hidden” name=”fxOAgTXmrd_k” value=”MHVgCPf2J”>
    <input type=”hidden” name=”jEvdKncJwDa” value=”UFQPsvy5bx60OL”>
    <input type=”hidden” name=”lcZhEMQDb-” value=”nNrvImtYAwde]L”>

    These hidden fields are not in the actual page templates, so I don’t know where they’re coming from. I understand are generated by WP Cerber. They are used by the anti-spam engine. If there is anyway I can “block” them so they don´t appear on my inbox as part of the info?

    Thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author gioni

    (@gioni)

    3 years, 11 months ago

    You need to disable WP Cerber’s anti-spam on the page with the HubSpot form. See “How to disable anti-spam on a selected page” here: https://wpcerber.com/antispam-exception-for-specific-http-request/

    Thread Starter scalabria

    (@scalabria)

    3 years, 11 months ago

    Thank you Gregory for your reply! May I ask you why WP Cerber´s anti-spam pick those fields up, anyway? Just curious.

    Thank you.

    Plugin Author gioni

    (@gioni)

    3 years, 11 months ago

    We have implemented it in the least conflicting way. The only known source of such an issue is HubSpot. Normally, form-processing software processes fields that belong to a specific form only. Especially if it delivers values directly to users. It’s a secure way. Probably HubSpot uses some code developed decades ago by an overseas outsourcing team. Frankly, I would call it a breach. If your page has been infected with malicious code, any malware can be delivered to your inbox with a “trusted source” label. I wish that will never happen.

    Thread Starter scalabria

    (@scalabria)

    3 years, 11 months ago

    Thank you, Gregory! I appreciate your time!

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘HTML form rendering with weird hidden input fields’ is closed to new replies.