Does ActiveTrail – Contact Form 7 have any unpatched vulnerabilities?

No. All known vulnerabilities in ActiveTrail – Contact Form 7 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is ActiveTrail – Contact Form 7 compatible with WordPress 6.7.5?

According to WordPress.org data, ActiveTrail – Contact Form 7 1.2 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

How often is ActiveTrail – Contact Form 7 updated?

ActiveTrail – Contact Form 7 was last updated on Feb 12, 2025. Frequent updates are generally a positive security signal.

What is ActiveTrail – Contact Form 7's security score?

ActiveTrail – Contact Form 7 has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

ActiveTrail – Contact Form 7 Security & Risk Analysis

wordpress.org/plugins/activetrail-contact-form-7

The official ActiveTrail Email Marketing Integration for Contact Form 7

600 active installs v1.2 PHP + WP 4.7.0+ Updated Feb 12, 2025

activetrailcf7contact-form-7contactform7

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is ActiveTrail – Contact Form 7 Safe to Use in 2026?

Generally Safe

Score 92/100

ActiveTrail – Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The activetrail-contact-form-7 plugin version 1.2 demonstrates a generally strong security posture, with no known vulnerabilities in its history and a clean static analysis report. The absence of critical or high-severity taint flows, dangerous functions, and file operations is commendable. The code also shows good practices regarding SQL queries, with 100% using prepared statements, and a high percentage of output escaping (94%). However, there are a few areas that warrant attention. The presence of 4 external HTTP requests without explicit mention of their security context could introduce risks if not handled carefully. Furthermore, the absence of nonce checks across the entire plugin, coupled with 6 capability checks, suggests potential areas where access control might be less robust than ideal, especially if any of the AJAX handlers (though currently zero) or future entry points are introduced without proper authentication. The lack of historical vulnerabilities is a positive sign, but it doesn't guarantee future immunity.

Key Concerns

No nonce checks present
External HTTP requests without clear context

Vulnerabilities

None known

ActiveTrail – Contact Form 7 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

ActiveTrail – Contact Form 7 Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

61 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

94% escaped65 total outputs

Attack Surface

ActiveTrail – Contact Form 7 Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 6

actionadmin_noticesactivetrail-cfs.php:100

actionadmin_enqueue_scriptsincludes\class-activetrail-cf7.php:126

actionadmin_enqueue_scriptsincludes\class-activetrail-cf7.php:128

actionwpcf7_editor_panelsincludes\class-activetrail-cf7.php:135

actionwpcf7_after_saveincludes\class-activetrail-cf7.php:137

actionwpcf7_before_send_mailincludes\class-activetrail-cf7.php:139

Maintenance & Trust

ActiveTrail – Contact Form 7 Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedFeb 12, 2025

PHP min version

Downloads9K

Community Trust

Rating0/100

Number of ratings0

Active installs600

Alternatives

ActiveTrail – Contact Form 7 Alternatives

CF7 WOW Styler – Visual Styler for Contact Form 7 Forms

cf7-styler

Save time by styling Contact Form 7 once and applying the same design to multiple forms – CF7 WOW Styler keeps them on brand with visual controls and …

3K 1 unpatched

CF7 Required custom field

cf7-required-custom-field

CF7 Required custom field - a plugin in which you customized your message for the required field for CF7.

100 No CVEs

CF7 Mailgun Domain Validation

cf7-mailgun-domain-validation

100

Allows email addresses using your site’s Mailgun domain to pass Contact Form 7’s form validation feature.

10 No CVEs

Contact Form 7 to Post

contact-form-7-to-post

Save contact form 7 submissions as new posts

10 No CVEs

Database Addon for Contact Form 7 – CFDB7

contact-form-cfdb7

Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.

600K 7 CVEs

Developer Profile

ActiveTrail – Contact Form 7 Developer Profile

activetrailteam

1 plugin · 600 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect ActiveTrail – Contact Form 7

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/activetrail-contact-form-7/admin/css/activetrail-cf7-admin.css/wp-content/plugins/activetrail-contact-form-7/admin/js/activetrail-cf7-admin.js

Script Paths

/wp-content/plugins/activetrail-contact-form-7/admin/js/activetrail-cf7-admin.js

Version Parameters

activetrail-cf7-admin.css?ver=activetrail-cf7-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

activetrail-cf7-panel

Data Attributes

wpcf7-activetrailwpcf7-activetrail-metawpcf7-activetrail-optional

FAQ