Does Color Picker for Contact Form 7 have any unpatched vulnerabilities?

No. All known vulnerabilities in Color Picker for Contact Form 7 have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Color Picker for Contact Form 7 compatible with WordPress 6.5.8?

According to WordPress.org data, Color Picker for Contact Form 7 0.1.3 has been tested up to WordPress 6.5.8. Check the plugin's changelog for the latest compatibility information.

How often is Color Picker for Contact Form 7 updated?

Color Picker for Contact Form 7 was last updated on Apr 10, 2024. Frequent updates are generally a positive security signal.

What is Color Picker for Contact Form 7's security score?

Color Picker for Contact Form 7 has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Color Picker for Contact Form 7 Security & Risk Analysis

wordpress.org/plugins/cf7-color-picker

Easily add a color field to your CF7 forms. This plugin depends on Contact Form 7.

300 active installs v0.1.3 PHP + WP 3.0+ Updated Apr 10, 2024

color-pickercontact-form-7forms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Color Picker for Contact Form 7 Safe to Use in 2026?

Generally Safe

Score 92/100

Color Picker for Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

The cf7-color-picker v0.1.3 plugin exhibits a strong security posture based on the provided static analysis. The absence of any identified dangerous functions, SQL injection vulnerabilities (all queries use prepared statements), file operations, or external HTTP requests is commendable. The fact that all output is properly escaped and a nonce check is present further strengthens its defensive mechanisms. The plugin also has a clean vulnerability history with no known CVEs, indicating a low risk of exploitation through previously disclosed vulnerabilities.

However, the absence of capability checks and the lack of any identified REST API routes or AJAX handlers without permission callbacks are areas that warrant attention. While the current attack surface appears to be zero, which is excellent, relying solely on the absence of discovered vulnerabilities can be misleading. A more comprehensive security review, including dynamic analysis, might reveal potential weaknesses. Overall, the plugin demonstrates good development practices in terms of secure coding, but the limited scope of the analysis means that potential issues related to access control might be overlooked.

Key Concerns

No capability checks found

Vulnerabilities

None known

Color Picker for Contact Form 7 Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Color Picker for Contact Form 7 Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

36 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped36 total outputs

Attack Surface

Color Picker for Contact Form 7 Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadmin_menuadmin\class-wpcf7-color-admin.php:52

actioninitcontact-form-7-color-picker.php:68

actionplugins_loadedincludes\class-wpcf7-color.php:116

actiontgmpa_registerincludes\class-wpcf7-color.php:130

actionadmin_initincludes\class-wpcf7-color.php:133

actionwpcf7_admin_initincludes\class-wpcf7-color.php:149

actionwp_enqueue_scriptsincludes\class-wpcf7-color.php:166

actionwpcf7_initincludes\class-wpcf7-color.php:169

filterwpcf7_validate_colorincludes\class-wpcf7-color.php:170

filterwpcf7_validate_color*includes\class-wpcf7-color.php:171

Maintenance & Trust

Color Picker for Contact Form 7 Maintenance & Trust

Maintenance Signals

WordPress version tested6.5.8

Last updatedApr 10, 2024

PHP min version

Downloads6K

Community Trust

Rating90/100

Number of ratings2

Active installs300

Alternatives

Color Picker for Contact Form 7 Alternatives

Conditional Fields for Contact Form 7

cf7-conditional-fields

Adds conditional logic to Contact Form 7.

100K 4 CVEs

Image CAPTCHA for Contact Form 7 and WPForms by HookAndHook (DSGVO/GDPR)

contact-form-7-image-captcha

100

Adds an Image CAPTCHA to Contact Form 7 and WPForms, GDPR ready, perfect WPForms or Contact Form 7 Spam Protection Image CAPTCHA, adds a honeypot

80K No CVEs

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

Saves Contact Form 7, WPforms,Elementor Forms, CRM Perks Forms and many other contact form submissions to database.

70K 13 CVEs

Ultra Addons for Contact Form 7

ultimate-addons-for-contact-form-7

50+ Essential Addons for Contact Form 7 - Conditional Fields, Multi Step, Redirection, Columns, WooCommerce, Mailchimp & more

60K 13 CVEs

GSheetConnector for CF7 – Connect Contact Form 7 to Google Sheets and Send Form Submissions in Real Time

cf7-google-sheets-connector

Send your Contact Form 7 data directly to your Google Sheets spreadsheet.

40K 4 CVEs

Developer Profile

Color Picker for Contact Form 7 Developer Profile

Florent Maillefaud

4 plugins · 59K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

398 days

View full developer profile

Detection Fingerprints

How We Detect Color Picker for Contact Form 7

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cf7-color-picker/admin/js/js-color-options.js

Script Paths

js/js-color-options.js

Version Parameters

cf7-color-picker/admin/js/js-color-options.js?ver=

HTML / DOM Fingerprints

CSS Classes

color-fieldtg-namedefaultcolorvalueonelineoptionidvalueclassvalue

Data Attributes

id="dd3333"

Shortcode Output

<input type="text" name="color" class="tag code" readonly="readonly" onfocus="this.select()" />

FAQ