WP-Safety

AC Advanced Flamingo Settings Security & Risk Analysis

wordpress.org/plugins/ac-advanced-flamingo-settings

AC Advanced Flamingo Settings enhances and extends the functionality of the CF7 Flamingo plugin by adding customization options, import/export tools, …

500 active installs v1.4.3 PHP 7.2+ WP 5.4+ Updated Jan 4, 2026
contact-form-7contact-form-databaseexportflamingoimport
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is AC Advanced Flamingo Settings Safe to Use in 2026?

Generally Safe

Score 100/100

AC Advanced Flamingo Settings has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago
Risk Assessment

The plugin "ac-advanced-flamingo-settings" v1.4.3 exhibits a strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points indicates a well-defined and controlled attack surface. The code also demonstrates good practices by using prepared statements for all SQL queries and implementing nonce and capability checks for critical operations. The low percentage of unescaped outputs, while not perfect, is within a reasonable range and suggests a conscious effort to mitigate cross-site scripting vulnerabilities.

The taint analysis shows no identified flows with unsanitized paths, which is a significant positive indicator of the plugin's security. The vulnerability history is clean, with no recorded CVEs, suggesting a history of secure development or proactive patching by the developers. However, the presence of file operations without further context warrants a minor caution, as these could be potential vectors if not handled with extreme care.

Overall, this plugin appears to be securely developed and maintained. The strengths lie in its minimal and protected attack surface, proper handling of database queries, and lack of historical vulnerabilities. The only minor concern is the potential for vulnerabilities within the file operation functions, though without specific details from the taint analysis, this remains a theoretical risk. Given the data, the plugin is assessed as low risk.

Key Concerns

  • Outputs not properly escaped
Vulnerabilities
None known

AC Advanced Flamingo Settings Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

AC Advanced Flamingo Settings Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
7 prepared
Unescaped Output
15
61 escaped
Nonce Checks
4
Capability Checks
3
File Operations
5
External Requests
0
Bundled Libraries
0

SQL Query Safety

100% prepared7 total queries

Output Escaping

80% escaped76 total outputs
Attack Surface

AC Advanced Flamingo Settings Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 31
actionadmin_noticesac-advanced-flamingo-settings.php:43
actionadmin_menuincludes\class-acafs-plugin.php:14
actionadmin_initincludes\class-acafs-plugin.php:15
actionadmin_menuincludes\class-acafs-plugin.php:16
actionadmin_menuincludes\class-acafs-plugin.php:17
actionadmin_menuincludes\core\class-acafs-admin.php:7
actionadmin_enqueue_scriptsincludes\core\class-acafs-admin.php:8
actionadmin_initincludes\core\class-acafs-hooks.php:11
actionplugins_loadedincludes\core\class-acafs-hooks.php:17
actionadmin_noticesincludes\core\class-acafs-hooks.php:42
actionadmin_noticesincludes\core\class-acafs-hooks.php:47
actionadmin_initincludes\core\class-acafs-settings.php:7
actionacafs_render_settings_pageincludes\core\class-acafs-settings.php:8
actionwpcf7_before_send_mailincludes\features\class-acafs-cf7-persist-uploads.php:30
filterflamingo_add_inboundincludes\features\class-acafs-cf7-persist-uploads.php:33
filterflamingo_add_inboundincludes\features\class-acafs-cf7-persist-uploads.php:36
actionadmin_initincludes\features\class-acafs-columns.php:8
filtermanage_flamingo_contact_posts_columnsincludes\features\class-acafs-columns.php:11
actionmanage_flamingo_contact_posts_custom_columnincludes\features\class-acafs-columns.php:12
filtermanage_flamingo_inbound_posts_columnsincludes\features\class-acafs-columns.php:19
actionmanage_flamingo_inbound_posts_custom_columnincludes\features\class-acafs-columns.php:20
actionadmin_post_acafs_export_flamingo_messagesincludes\features\class-acafs-export.php:7
actionacafs_render_import_export_pageincludes\features\class-acafs-export.php:8
actionadmin_noticesincludes\features\class-acafs-export.php:9
actionadmin_post_acafs_get_message_countincludes\features\class-acafs-export.php:11
actionadmin_post_nopriv_acafs_get_message_countincludes\features\class-acafs-export.php:12
actionadmin_post_acafs_import_flamingo_messagesincludes\features\class-acafs-import.php:11
actionacafs_render_import_export_pageincludes\features\class-acafs-import.php:12
actionadmin_noticesincludes\features\class-acafs-import.php:13
actionacafs_render_uploaded_files_pageincludes\features\class-acafs-uploaded-files.php:14
actionadmin_initincludes\features\class-acafs-uploaded-files.php:15
Maintenance & Trust

AC Advanced Flamingo Settings Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 4, 2026
PHP min version7.2
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs500
Alternatives

AC Advanced Flamingo Settings Alternatives

All-in-One WP Migration and Backup

All-in-One WP Migration and Backup

all-in-one-wp-migration

A
90

Trusted by 60M+ sites: The gold standard for WordPress migration and backup. Migrate, backup, and restore your WordPress site with one click.

5.0M 13 CVEs
Widget Importer & Exporter

Widget Importer & Exporter

widget-importer-exporter

A
100

Import and export your widgets.

200K No CVEs
WP Migrate Lite – Migration Made Easy

WP Migrate Lite – Migration Made Easy

wp-migrate-db

A
99

Migrate your database. Export full sites including media, themes, and plugins. Find and replace content with support for serialized data.

200K 1 CVE
Customizer Export/Import

Customizer Export/Import

customizer-export-import

A
96

Easily export or import your WordPress customizer settings!

100K 3 CVEs
Product Import Export for WooCommerce – Import Export Product CSV Suite

Product Import Export for WooCommerce – Import Export Product CSV Suite

product-import-export-for-woo

A
94

Easily import/export WooCommerce products (simple, grouped, external/affiliate) via CSV. Transfer product data, including images, reviews, categories, …

90K 7 CVEs
Developer Profile

AC Advanced Flamingo Settings Developer Profile

Richie Arnold

3 plugins · 520 total installs

88
trust score
Avg Security Score
92/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect AC Advanced Flamingo Settings

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/ac-advanced-flamingo-settings/assets/css/acafs-admin-style.css/wp-content/plugins/ac-advanced-flamingo-settings/assets/js/acafs-admin.js
Script Paths
/wp-content/plugins/ac-advanced-flamingo-settings/assets/js/acafs-admin.js
Version Parameters
ac-advanced-flamingo-settings/assets/css/acafs-admin-style.css?ver=ac-advanced-flamingo-settings/assets/js/acafs-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
acafs-field-options
FAQ

Frequently Asked Questions about AC Advanced Flamingo Settings