Does Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 have any unpatched vulnerabilities?

No. All known vulnerabilities in Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 compatible with WordPress 6.7.5?

According to WordPress.org data, Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 1.0.1 has been tested up to WordPress 6.7.5. Check the plugin's changelog for the latest compatibility information.

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Security & Risk Analysis

wordpress.org/plugins/bridhy-addons-for-contact-form-7

Build & style Contact Form 7 forms visually without writing any code. Bridhy also comes with essential addons to make your forms super powerful.

100 active installs v1.0.1 PHP + WP 5.0+ Updated Dec 22, 2024

contact-form-7contact-form-7-addoncontact-form-7-databasecontact-form-7-stylerform-builder

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Safe to Use in 2026?

Generally Safe

Score 92/100

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The "bridhy-addons-for-contact-form-7" plugin v1.0.1 exhibits a generally good security posture, with a very small attack surface and a high percentage of properly escaped outputs. The absence of known CVEs and zero recorded vulnerabilities in its history are positive indicators of developer diligence. However, the static analysis reveals a few areas for improvement.

The primary concern is the presence of the `unserialize` function, which can be a significant security risk if used with untrusted input, potentially leading to Remote Code Execution (RCE) vulnerabilities. While no taint flows were found to be unsanitized in the analyzed paths, the mere presence of this function warrants caution. Additionally, the plugin performs file operations and uses SQL queries with a significant portion not employing prepared statements, which could be exploited in certain scenarios. The lack of capability checks for its single shortcode is also a notable weakness.

Despite these concerns, the plugin's small attack surface, high output escaping rate, and clean vulnerability history suggest it is likely not actively malicious or riddled with widespread vulnerabilities. The core risk stems from the potential misuse of `unserialize` and the less secure SQL queries. Addressing these specific code signals and implementing capability checks would significantly bolster its security.

Key Concerns

Uses unserialize function
SQL queries not fully prepared
Missing capability checks
File operations present

Vulnerabilities

None known

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

90 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$first_row = isset($results[0]) ? unserialize($results[0]->form_data) : '';includes\Form\Form_subPage_Table.php:79

unserialize$form_value = isset($result) ? unserialize($result->form_data) : '';includes\Form\Form_subPage_Table.php:135

Bundled Libraries

Select2Guzzle

SQL Query Safety

29% prepared7 total queries

Output Escaping

92% escaped98 total outputs

Data Flows

All sanitized

Data Flow Analysis

1 flows

<admin-app-subpage> (includes\template\admin-app-subpage.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[vue-app] includes\Frontend.php:10

WordPress Hooks 30

actionplugins_loadedbridhy-addons-for-contact-form-7.php:73

actioninitbridhy-addons-for-contact-form-7.php:227

actioninitbridhy-addons-for-contact-form-7.php:230

actionadmin_menuincludes\Admin.php:14

actionadmin_enqueue_scriptsincludes\Admin.php:56

actionrest_api_initincludes\Api.php:17

actionadmin_enqueue_scriptsincludes\Assets.php:16

filterscript_loader_tagincludes\Assets.php:17

actionwp_enqueue_scriptsincludes\Assets.php:20

actionenqueue_scriptsincludes\Builder.php:23

actionadmin_enqueue_scriptsincludes\Builder.php:24

filterwpcf7_editor_panelsincludes\Builder.php:26

actionwpcf7_initincludes\Fields\CountryTag.php:16

filterwpcf7_validate_countrynameincludes\Fields\CountryTag.php:17

filterwpcf7_validate_countryname*includes\Fields\CountryTag.php:18

actionwpcf7_admin_initincludes\Fields\CountryTag.php:19

actionwp_enqueue_scriptsincludes\Fields\CountryTag.php:20

actionwpcf7_initincludes\Fields\TimeZoneTag.php:17

filterwpcf7_validate_timezoneincludes\Fields\TimeZoneTag.php:18

filterwpcf7_validate_timezone*includes\Fields\TimeZoneTag.php:19

actionwpcf7_admin_initincludes\Fields\TimeZoneTag.php:20

actionwpcf7_before_send_mailincludes\Form\Submission.php:16

actionwp_footerincludes\Frontend.php:11

actionadmin_noticesincludes\Installer.php:68

actionwp_enqueue_scriptsincludes\RedirectionSettings.php:17

actionadmin_enqueue_scriptsincludes\RedirectionSettings.php:18

actionwpcf7_after_saveincludes\RedirectionSettings.php:19

actionwpcf7_submitincludes\RedirectionSettings.php:20

actionadmin_enqueue_scriptsincludes\Settings.php:18

filterwpcf7_editor_panelsincludes\Settings.php:19

Maintenance & Trust

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5

Last updatedDec 22, 2024

PHP min version

Downloads3K

Community Trust

Rating80/100

Number of ratings1

Active installs100

Alternatives

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Alternatives

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

Saves Contact Form 7, WPforms,Elementor Forms, CRM Perks Forms and many other contact form submissions to database.

70K 13 CVEs

Ultra Addons for Contact Form 7

ultimate-addons-for-contact-form-7

50+ Essential Addons for Contact Form 7 - Conditional Fields, Multi Step, Redirection, Columns, WooCommerce, Mailchimp & more

60K 13 CVEs

$DS CF7 Math Captcha$

DS CF7 Math Captcha

ds-cf7-math-captcha

"DS CF7 Math Captcha" is a math captcha with refresh captcha functionality to prevent unwanted spam for your contact form 7 plugin.

30K 1 CVE

reCaptcha Add-On for FormCraft

formcraft-recaptcha

Add reCaptcha to your FormCraft forms.

7K No CVEs

Popups – Submission Messages For Contact Form 7

cf7-popups

100

Display contact form 7 default messages in stylish popup as user submits the form.

3K No CVEs

Developer Profile

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Developer Profile

WP Grids

4 plugins · 21K total installs

trust score

Avg Security Score

82/100

Avg Patch Time

98 days

View full developer profile

Detection Fingerprints

How We Detect Bridhy – No-code Drag & Drop Form Builder for Contact Form 7

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/css/builder.css/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/css/cf7vb-frontend.css/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-frontend.js/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-builder.js

Script Paths

/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-frontend.js/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-builder.js

Version Parameters

/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/css/builder.css?ver=/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/css/cf7vb-frontend.css?ver=/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-frontend.js?ver=/wp-content/plugins/bridhy-addons-for-contact-form-7/assets/js/cf7vb-builder.js?ver=

HTML / DOM Fingerprints

CSS Classes

cf7vb-form-field-wrappercf7vb-form-fields

Data Attributes

data-cf7vb-id

JS Globals

cf7vb_form_data

FAQ

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Security & Risk Analysis

Is Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Safe to Use in 2026?

Generally Safe

Key Concerns

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Security Vulnerabilities

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Attack Surface

Shortcodes 1

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Maintenance & Trust

Maintenance Signals

Community Trust

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Alternatives

Database for Contact Form 7, WPforms, Elementor forms

Ultra Addons for Contact Form 7

DS CF7 Math Captcha

reCaptcha Add-On for FormCraft

Popups – Submission Messages For Contact Form 7

Bridhy – No-code Drag & Drop Form Builder for Contact Form 7 Developer Profile

How We Detect Bridhy – No-code Drag & Drop Form Builder for Contact Form 7

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Bridhy – No-code Drag & Drop Form Builder for Contact Form 7