
AmwalPay for Contact Form 7 Security & Risk Analysis
wordpress.org/plugins/amwalpay-for-contact-form-7Accept Secure Payments with AmwalPay for Contact Form 7
Is AmwalPay for Contact Form 7 Safe to Use in 2026?
Generally Safe
Score 92/100AmwalPay for Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'amwalpay-for-contact-form-7' plugin, version 1.0.0, exhibits a generally positive security posture based on the provided static analysis. The code diligently utilizes prepared statements for all SQL queries, which significantly mitigates the risk of SQL injection vulnerabilities. Furthermore, the presence of nonce and capability checks, though limited in number, indicates an awareness of common WordPress security best practices.
However, a notable concern arises from the output escaping. With only 51% of outputs properly escaped, there is a substantial risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied data or data processed by the plugin could be rendered directly in the browser without adequate sanitization, potentially allowing attackers to inject malicious scripts. The lack of any identified critical or high severity taint flows in the analysis is a positive sign, but it does not negate the XSS risk associated with poor output escaping.
The plugin's vulnerability history is notably clean, with no recorded CVEs. This absence of known vulnerabilities, combined with the good SQL practices, suggests a relatively stable and well-maintained codebase in terms of historical security issues. However, the static analysis highlights an area of weakness in output escaping that could lead to new vulnerabilities. In conclusion, while the plugin benefits from secure SQL handling and a clean vulnerability history, the significant proportion of unescaped output presents a tangible risk that warrants attention.
Key Concerns
- Significant portion of outputs not properly escaped (XSS risk)
AmwalPay for Contact Form 7 Security Vulnerabilities
AmwalPay for Contact Form 7 Release Timeline
AmwalPay for Contact Form 7 Code Analysis
SQL Query Safety
Output Escaping
AmwalPay for Contact Form 7 Attack Surface
Shortcodes 1
WordPress Hooks 8
Maintenance & Trust
AmwalPay for Contact Form 7 Maintenance & Trust
Maintenance Signals
Community Trust
AmwalPay for Contact Form 7 Alternatives
Business Essentials for Contact Form 7
cf7-redirect-thank-you-page
Business Essentials for Contact Form 7
Accept PayPal Payments using Contact Form 7
contact-form-7-paypal-extension
Integrate PayPal Submit button in Contact Form 7 to Enjoy Quick Online Payments.
Integrate Razorpay for Contact Form 7
integrate-razorpay-contact-form-7
Seamlessly integrates Razorpay with Contact Form 7
Accept Authorize.NET Payments Using Contact Form 7
accept-authorize-net-payments-using-contact-form-7
Contact Form 7 - Integrate Authorize.Net payment gateway for making your payments through Contact Form 7.
Payment Plugins for Contact Form 7 – by Pay Addons
accept-stripe-for-contact-form-7
Accept payments through Contact Form 7 with Stripe. Create payment forms, donation forms, and subscriptions with credit cards, Google Pay, Apple Pay, …
AmwalPay for Contact Form 7 Developer Profile
3 plugins · 300 total installs
How We Detect AmwalPay for Contact Form 7
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/amwalpay-for-contact-form-7/includes/amwalpay_cf7_redirect.phpHTML / DOM Fingerprints
name="_amwalpay_cf7_enable"name="_amwalpay_cf7_email"name="_amwalpay_cf7_price"