Smart Grid-Layout Design for Contact Form 7 Security & Risk Analysis

wordpress.org/plugins/cf7-grid-layout

This plugin allows pure CSS responsive grid layouts for contact form 7. It enables rich interlinking of your CMS data via taxonomy/posts populated dr …

10K active installs · v4.15.8 · PHP 5.6+ · WP 4.7+ · Updated Jun 13, 2024
Tags: contact-form-7-extension, contact-form-7-module, form-custom-styling, multi-step-form, responsive-forms
Score: 92 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Smart Grid-Layout Design for Contact Form 7 Safe to Use in 2026?

Generally Safe

Score 92/100

Smart Grid-Layout Design for Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The 'cf7-grid-layout' plugin version 4.15.8 presents a mixed security posture. While the plugin has no recorded vulnerability history and avoids using dangerous functions or making external HTTP requests, several concerning aspects are highlighted in the static analysis. A significant portion of its attack surface, specifically all four AJAX handlers, lacks authentication checks. Furthermore, a considerable number of output operations (86%) are not properly escaped, and there's a flow with an unsanitized path identified in the taint analysis. The presence of raw SQL queries, though a minority, also warrants attention. These factors collectively introduce potential risks of unauthorized access and cross-site scripting (XSS) vulnerabilities, despite the absence of known CVEs. The lack of a vulnerability history might indicate good development practices or simply a lack of discovery, but the identified code signals suggest a need for improvement in input validation, output sanitization, and access control for its AJAX endpoints.

Key Concerns

  • AJAX handlers without authentication checks
  • Low percentage of properly escaped output
  • Flow with unsanitized paths
  • SQL queries without prepared statements
  • Bundled outdated library: Select2 v4.0.13
Vulnerabilities
None known

Smart Grid-Layout Design for Contact Form 7 Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Smart Grid-Layout Design for Contact Form 7 Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (1 prepared)
Unescaped Output: 370 (58 escaped)
Nonce Checks: 4
Capability Checks: 2
File Operations: 19
External Requests: 0
Bundled Libraries: 1

Bundled Libraries

Select2 4.0.13

SQL Query Safety

33% prepared · 3 total queries

Output Escaping

14% escaped · 428 total outputs
Data Flows: 1 unsanitized

Data Flow Analysis

4 flows · 1 with unsanitized paths
enable_cf7_editor_role (admin\class-cf7-grid-layout-admin.php:1654)
Legend: Source (user input), Sink (dangerous op), Sanitizer, Transform, Unsanitized, Sanitized
Attack Surface
4 unprotected

Smart Grid-Layout Design for Contact Form 7 Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers 4

auth · wp_ajax_get_cf7_content · includes\class-cf7-grid-layout.php:205
auth · wp_ajax_validate_cf7sg_version_update · includes\class-cf7-grid-layout.php:245
nopriv · wp_ajax_save_grid_fields · includes\class-cf7-grid-layout.php:280
auth · wp_ajax_save_grid_fields · includes\class-cf7-grid-layout.php:281
WordPress Hooks 73
action · admin_enqueue_scripts · admin\class-cf7-grid-layout-admin.php:111
filter · wpcf7_kses_allowed_html · admin\class-cf7-grid-layout-admin.php:1154
action · save_post_wpcf7_contact_form · admin\class-cf7-grid-layout-admin.php:1169
action · plugins_loaded · includes\class-cf7-grid-layout.php:168
action · admin_enqueue_scripts · includes\class-cf7-grid-layout.php:184
action · admin_enqueue_scripts · includes\class-cf7-grid-layout.php:185
action · admin_enqueue_scripts · includes\class-cf7-grid-layout.php:187
action · admin_print_scripts · includes\class-cf7-grid-layout.php:188
action · admin_menu · includes\class-cf7-grid-layout.php:190
filter · custom_menu_order · includes\class-cf7-grid-layout.php:191
action · register_post_type_args · includes\class-cf7-grid-layout.php:193
action · init · includes\class-cf7-grid-layout.php:195
action · add_meta_boxes · includes\class-cf7-grid-layout.php:197
filter · hidden_meta_boxes · includes\class-cf7-grid-layout.php:199
action · save_post_wpcf7_contact_form · includes\class-cf7-grid-layout.php:201
action · before_delete_post · includes\class-cf7-grid-layout.php:203
filter · post_submitbox_misc_actions · includes\class-cf7-grid-layout.php:207
filter · wp_kses_allowed_html · includes\class-cf7-grid-layout.php:209
action · admin_init · includes\class-cf7-grid-layout.php:211
filter · admin_init · includes\class-cf7-grid-layout.php:213
action · admin_enqueue_scripts · includes\class-cf7-grid-layout.php:215
action · cf7sg_plugin_pointers-edit-wpcf7_contact_form · includes\class-cf7-grid-layout.php:216
action · cf7sg_plugin_pointers-wpcf7_contact_form · includes\class-cf7-grid-layout.php:218
action · wpcf7_save_contact_form · includes\class-cf7-grid-layout.php:221
action · wpcf7_admin_misc_pub_section · includes\class-cf7-grid-layout.php:223
action · wpcf7_admin_init · includes\class-cf7-grid-layout.php:224
filter · wpcf7_default_template · includes\class-cf7-grid-layout.php:226
filter · wpcf7_messages · includes\class-cf7-grid-layout.php:228
filter · wpcf7_map_meta_cap · includes\class-cf7-grid-layout.php:230
filter · wp_insert_post_data · includes\class-cf7-grid-layout.php:232
action · admin_init · includes\class-cf7-grid-layout.php:234
action · cf7sg_ui_grid_helper_hooks · includes\class-cf7-grid-layout.php:236
action · cf7sg_default_custom_js_template · includes\class-cf7-grid-layout.php:238
filter · wpcf7_collect_mail_tags · includes\class-cf7-grid-layout.php:240
action · admin_init · includes\class-cf7-grid-layout.php:242
action · admin_init · includes\class-cf7-grid-layout.php:243
action · admin_notices · includes\class-cf7-grid-layout.php:244
filter · upgrader_post_install · includes\class-cf7-grid-layout.php:246
action · init · includes\class-cf7-grid-layout.php:248
action · cf7pll_load_plugin_translation_resource · includes\class-cf7-grid-layout.php:250
action · cf7sg_display_dynamic_list_tag_manager · includes\class-cf7-grid-layout.php:252
action · cf7sg_save_dynamic_list_form_classes · includes\class-cf7-grid-layout.php:253
action · cf7sg_dynamic_tag_manager_taxonomy_source · includes\class-cf7-grid-layout.php:254
action · trashed_post · includes\class-cf7-grid-layout.php:256
action · untrashed_post · includes\class-cf7-grid-layout.php:257
action · after_plugin_row_cf7-grid-layout/cf7-grid-layout.php · includes\class-cf7-grid-layout.php:259
action · wp_enqueue_scripts · includes\class-cf7-grid-layout.php:274
action · wp_print_scripts · includes\class-cf7-grid-layout.php:275
action · wp_print_styles · includes\class-cf7-grid-layout.php:276
filter · do_shortcode_tag · includes\class-cf7-grid-layout.php:277
filter · wpcf7_form_hidden_fields · includes\class-cf7-grid-layout.php:285
action · wpcf7_init · includes\class-cf7-grid-layout.php:287
filter · wpcf7_posted_data · includes\class-cf7-grid-layout.php:289
action · wpcf7_swv_create_schema · includes\class-cf7-grid-layout.php:291
action · wpcf7_swv_create_schema · includes\class-cf7-grid-layout.php:292
filter · wpcf7_validate · includes\class-cf7-grid-layout.php:294
filter · wpcf7_mail_tag_replaced · includes\class-cf7-grid-layout.php:297
action · cf7_2_post_form_posted · includes\class-cf7-grid-layout.php:298
action · cf7_2_post_form_posted · includes\class-cf7-grid-layout.php:301
filter · wpcf7_mail_components · includes\class-cf7-grid-layout.php:303
filter · wpcf7_autop_or_not · includes\class-cf7-grid-layout.php:305
action · wpcf7_before_send_mail · includes\class-cf7-grid-layout.php:307
action · cf7sg_dynamic_select_html_field · includes\class-cf7-grid-layout.php:309
action · cf7sg_dynamic_checkbox_html_field · includes\class-cf7-grid-layout.php:310
action · smart_grid_register_styles · includes\class-cf7-grid-layout.php:311
action · smart_grid_register_scripts · includes\class-cf7-grid-layout.php:312
action · wpcf7_submission_result · includes\class-cf7-grid-layout.php:314
action · cf7sg_register_dynamic_lists · includes\class-cf7sg-dynamic-list.php:732
action · cf7sg_register_dynamic_lists · includes\class-cf7sg-dynamic-list.php:762
filter · cf7_2_post_form_values · public\class-cf7-grid-layout-public.php:211
action · wp_footer · public\class-cf7-grid-layout-public.php:543
filter · wpcf7_validate · public\class-cf7-grid-layout-public.php:1284
action · smart_grid_enqueue_scripts · public\class-cf7-grid-layout-public.php:2396
Maintenance & Trust

Smart Grid-Layout Design for Contact Form 7 Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.5.8
Last updated: Jun 13, 2024
PHP min version: 5.6
Downloads: 618K

Community Trust

Rating: 90/100
Number of ratings: 72
Active installs: 10K
Developer Profile

Smart Grid-Layout Design for Contact Form 7 Developer Profile

Aurovrata Venet

6 plugins · 25K total installs

Trust score: 70
Avg Security Score: 87/100
Avg Patch Time: 265 days
Detection Fingerprints

How We Detect Smart Grid-Layout Design for Contact Form 7

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cf7-grid-layout/admin/css/cf7sg-plugin-update.css
/wp-content/plugins/cf7-grid-layout/admin/css/cf7-grid-layout-post.css
/wp-content/plugins/cf7-grid-layout/admin/css/cf7sg-dynamic-tag.css
/wp-content/plugins/cf7-grid-layout/admin/css/cf7sg-benchmark-tag.css
/wp-content/plugins/cf7-grid-layout/assets/codemirror/codemirror.css
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/display/fullscreen.css
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/hint/show-hint.css
/wp-content/plugins/cf7-grid-layout/assets/codemirror/theme/material-darker.css
+21 more
Script Paths
/wp-content/plugins/cf7-grid-layout/admin/js/cf7-grid-layout-admin.js
/wp-content/plugins/cf7-grid-layout/assets/js/codemirror.js
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/edit/matchbrackets.js
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/hint/show-hint.js
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/hint/javascript-hint.js
/wp-content/plugins/cf7-grid-layout/assets/codemirror/addon/hint/html-hint.js
+14 more
Version Parameters
cf7-grid-layout/admin/css/cf7sg-plugin-update.css?ver=
cf7-grid-layout/admin/css/cf7-grid-layout-post.css?ver=
cf7-grid-layout/admin/css/cf7sg-dynamic-tag.css?ver=
cf7-grid-layout/admin/css/cf7sg-benchmark-tag.css?ver=
cf7-grid-layout/assets/codemirror/codemirror.css?ver=
cf7-grid-layout/assets/codemirror/addon/display/fullscreen.css?ver=
cf7-grid-layout/assets/codemirror/addon/hint/show-hint.css?ver=
cf7-grid-layout/assets/codemirror/theme/material-darker.css?ver=
cf7-grid-layout/admin/js/cf7-grid-layout-admin.js?ver=
cf7-grid-layout/assets/js/codemirror.js?ver=
cf7-grid-layout/assets/codemirror/addon/edit/matchbrackets.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/show-hint.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/javascript-hint.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/html-hint.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/css-hint.js?ver=
cf7-grid-layout/assets/codemirror/addon/display/util.js?ver=
cf7-grid-layout/assets/codemirror/addon/display/fullscreen.js?ver=
cf7-grid-layout/assets/js/cf7-grid-layout.js?ver=
cf7-grid-layout/assets/js/codemirror.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/edit/matchbrackets.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/show-hint.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/javascript-hint.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/html-hint.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/hint/css-hint.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/display/util.min.js?ver=
cf7-grid-layout/assets/codemirror/addon/display/fullscreen.min.js?ver=
cf7-grid-layout/assets/js/cf7-grid-layout.min.js?ver=
cf7-grid-layout/public/css/cf7-grid-layout-public.css?ver=
cf7-grid-layout/public/js/cf7-grid-layout-public.js?ver=

HTML / DOM Fingerprints

CSS Classes
cf7sg-grid, cf7sg-grid-gap, cf7sg-form-group, cf7sg-grid-responsive, cf7sg-form-field, cf7sg-add-form-row, cf7sg-remove-form-row, cf7sg-grid-item, +33 more
HTML Comments
<!-- START CF7 GRID LAYOUT FORM -->
<!-- END CF7 GRID LAYOUT FORM -->
<!-- START CF7 GRID LAYOUT FORM GRID -->
<!-- END CF7 GRID LAYOUT FORM GRID -->
+17 more
Data Attributes
data-cf7sg-form-id, data-cf7sg-grid-id, data-cf7sg-tab-id, data-cf7sg-toggle-id, data-cf7sg-field-name
JS Globals
cf7sg_ajax_object
FAQ

Frequently Asked Questions about Smart Grid-Layout Design for Contact Form 7