WP-Safety

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Security & Risk Analysis

wordpress.org/plugins/cf7-infusionsoft

Send Contact Form 7, WPForms, Elementor, Ninja Forms, Contact Form Entries Plugin and many other contact form submissions to infusionsoft/Keap.

200 active installs v1.2.3 PHP 5.3+ WP 3.8+ Updated Dec 15, 2025
contact-form-7-infusionsoftelementor-forms-infusionsoftinfusionsoft-wpforms-integrationkeapninja-forms-infusionsoft
100
A · Safe
CVEs total1
Unpatched0
Last CVEAug 26, 2021
Plugin page Download
Safety Verdict

Is Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Safe to Use in 2026?

Generally Safe

Score 100/100

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Aug 26, 2021Updated 3mo ago
Risk Assessment

The "cf7-infusionsoft" plugin v1.2.3 exhibits a generally good security posture with a strong emphasis on input validation and output sanitization, as indicated by a high percentage of prepared SQL statements and properly escaped outputs. The presence of numerous nonce and capability checks further suggests a thoughtful approach to securing administrative and user-facing functionalities. However, the static analysis revealed two flows with unsanitized paths, which, while not classified as critical or high severity in the taint analysis, represent potential areas for concern regarding input handling.

The plugin's vulnerability history is relatively clean, with only one medium-severity CVE recorded in the past, which is now patched. This indicates that the developers have addressed past issues promptly. The common vulnerability type being Cross-site Scripting highlights the importance of vigilant input sanitization and output escaping, areas where the plugin generally performs well, but the identified unsanitized paths warrant further investigation.

In conclusion, "cf7-infusionsoft" v1.2.3 demonstrates good security practices. The main areas for improvement lie in thoroughly investigating and remediating the identified unsanitized path flows to eliminate any potential for vulnerabilities. The absence of unprotected entry points and a clean vulnerability history are significant strengths.

Key Concerns

  • Flows with unsanitized paths found
  • Medium severity CVE recorded in history
Vulnerabilities
1

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Security Vulnerabilities

CVEs by Year

1 CVE in 2021
2021
Patched Has unpatched

Severity Breakdown

Medium
1

1 total CVE

WF-cc1e9778-2860-4e3c-a2e4-28f10d585fed-cf7-infusionsoftmedium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting

Aug 26, 2021 Patched in 1.1.4 (880d)
Code Analysis
Analyzed Mar 16, 2026

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Code Analysis

Dangerous Functions
0
Raw SQL Queries
8
27 prepared
Unescaped Output
109
338 escaped
Nonce Checks
17
Capability Checks
25
File Operations
3
External Requests
3
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

77% prepared35 total queries

Output Escaping

76% escaped447 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

6 flows2 with unsanitized paths
push_object (api\api.php:795)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 39
actionplugins_loadedcf7-infusionsoft.php:60
actioncfx_form_submittedcf7-infusionsoft.php:95
actionvxcf_entry_createdcf7-infusionsoft.php:96
actionvx_contact_createdcf7-infusionsoft.php:97
actionvx_callcenter_entry_createdcf7-infusionsoft.php:98
filterwpcf7_before_send_mailcf7-infusionsoft.php:100
actionfrm_after_create_entrycf7-infusionsoft.php:102
actionninja_forms_after_submissioncf7-infusionsoft.php:103
actionwpforms_process_entry_savecf7-infusionsoft.php:104
actionelementor_pro/forms/new_recordcf7-infusionsoft.php:106
actioninitcf7-infusionsoft.php:112
actionvx_cf_add_meta_boxincludes\crmperks-cf.php:10
actioncfx_add_meta_boxincludes\plugin-pages.php:36
actioncfx_form_entry_updatedincludes\plugin-pages.php:37
actioncfx_form_post_note_addedincludes\plugin-pages.php:38
actioncfx_form_pre_note_deletedincludes\plugin-pages.php:39
actioncfx_form_pre_trash_leadsincludes\plugin-pages.php:40
actioncfx_form_pre_restore_leadsincludes\plugin-pages.php:41
filteradmin_menuincludes\plugin-pages.php:53
filtervx_cf_meta_boxes_rightincludes\plugin-pages.php:54
actionadmin_noticesincludes\plugin-pages.php:55
filterplugin_action_linksincludes\plugin-pages.php:56
actionvxcf_entry_submit_btnincludes\plugin-pages.php:57
actionvx_cf7_post_note_addedincludes\plugin-pages.php:59
actionvx_cf7_pre_note_deletedincludes\plugin-pages.php:60
actionvx_cf7_pre_trash_leadsincludes\plugin-pages.php:61
actionvx_cf7_pre_restore_leadsincludes\plugin-pages.php:62
actionvx_cf7_entry_updatedincludes\plugin-pages.php:63
actionvx_contact_post_note_addedincludes\plugin-pages.php:65
actionvx_contact_pre_note_deletedincludes\plugin-pages.php:66
actionvx_contact_pre_trash_leadsincludes\plugin-pages.php:67
actionvx_contact_pre_restore_leadsincludes\plugin-pages.php:68
actionvx_contact_entry_updatedincludes\plugin-pages.php:69
filtervx_callcenter_entries_actionincludes\plugin-pages.php:71
filtervx_callcenter_bulk_actionsincludes\plugin-pages.php:72
filterplugin_row_metawp\crmperks-notices.php:16
filteradmin_footer_textwp\crmperks-notices.php:25
actionadmin_noticeswp\crmperks-notices.php:27
filterplugins_apiwp\crmperks-notices.php:29
Maintenance & Trust

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedDec 15, 2025
PHP min version5.3
Downloads14K

Community Trust

Rating100/100
Number of ratings6
Active installs200
Alternatives

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Alternatives

Keap Official Opt-in Forms

Keap Official Opt-in Forms

infusionsoft-official-opt-in-forms

D
43

Build your email subscriber list from visitors to your WordPress website with Keap's Official Opt-in Forms plugin.

1K 2 unpatched
WP Gravity Forms Keap/Infusionsoft

WP Gravity Forms Keap/Infusionsoft

gf-infusionsoft

A
96

Gravity Forms Keap/infusionsoft Add-on sends Gravity Forms entries to infusionsoft/Keap CRM.

300 3 CVEs
Gravity Forms Keap Feed

Gravity Forms Keap Feed

systasis-gf-infusionsoft-feed

A
100

Sync form submissions between Gravity Forms and Keap

100 No CVEs
WP Keap/Infusionsoft WooCommerce Plugin

WP Keap/Infusionsoft WooCommerce Plugin

wp-infusionsoft-woocommerce

A
100

Keap/Infusionsoft WooCommerce Plugin allows you to quickly integrate WooCommerce Orders with Keap/Infusionsoft.

40 1 CVE
Developer Profile

Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Developer Profile

CRM Perks

32 plugins · 105K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
349 days
View full developer profile
Detection Fingerprints

How We Detect Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cf7-infusionsoft/assets/css/admin.css/wp-content/plugins/cf7-infusionsoft/assets/css/frontend.css/wp-content/plugins/cf7-infusionsoft/assets/js/admin.js/wp-content/plugins/cf7-infusionsoft/assets/js/frontend.js
Script Paths
/wp-content/plugins/cf7-infusionsoft/assets/js/admin.js/wp-content/plugins/cf7-infusionsoft/assets/js/frontend.js
Version Parameters
cf7-infusionsoft/assets/css/admin.css?ver=cf7-infusionsoft/assets/css/frontend.css?ver=cf7-infusionsoft/assets/js/admin.js?ver=cf7-infusionsoft/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes
vxcf_infusionsoft_admin_noticevxcf-infusionsoft-meta-boxvxcf-infusionsoft-field-mappingvx_crm_select_box
HTML Comments
<!-- vxcf_infusionsoft_admin_notice --><!-- vxcf-infusionsoft-settings-page --><!-- vxcf-infusionsoft-field-mapping-section -->
Data Attributes
data-crm='infusionsoft'data-plugin-id='vxcf_infusionsoft'data-crm-name='infusionsoft'
JS Globals
vxcf_infusionsoft_adminvxcf_infusionsoft_frontendvxcf_infusionsoft_vars
REST Endpoints
/wp-json/vxcf-infusionsoft/v1/settings/wp-json/vxcf-infusionsoft/v1/feeds
Shortcode Output
[cf7_infusionsoft_settings][cf7_infusionsoft_feed_list]
FAQ

Frequently Asked Questions about Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms