Security Issue User Registration (Version 2.1.12)

It’s a required checkbox you have to click to accept the General Data Protection Regulation “GDPR”. “DSGVO” is the short name for it in our country.
If the user registration is performed normally, the field contains the note “Accepted”.

It’s in german version i hope its clear anyway.

Screenshot DSGVO Field

During a normal user registration, as far as I have tested it, you cannot create a new user without confirming this field!

So a bot or spammer must have managed to bypass this process somehow!

I saw that there is an option for the DSGVO in your form, I will try to use this function instead of the checkbox field. Let’s see if that helps, but it should work with the checkbox field too!

• This reply was modified 5 years, 6 months ago by Edgar Pfandler.
• This reply was modified 5 years, 6 months ago by Edgar Pfandler.

Sorry but your registration form still have a security issue!
Today i got another spam registration even with your dsgvo function field!

The registration date field is also empty again!

Screenshot e-mail register information

Recaptcha is the next thing I wanted to try, but again:

It is obvious that someone is using the form in a different way to create users. A normal user registration looks different and can’t bypass mandatory fields! So I believe that even a Recaptcha will not change this!

• This reply was modified 5 years, 6 months ago by Edgar Pfandler.