Does Contact Form 7 Google Analytics Intelligence have any unpatched vulnerabilities?

No. All known vulnerabilities in Contact Form 7 Google Analytics Intelligence have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Contact Form 7 Google Analytics Intelligence compatible with WordPress 5.3.21?

According to WordPress.org data, Contact Form 7 Google Analytics Intelligence 1.1.2 has been tested up to WordPress 5.3.21. Check the plugin's changelog for the latest compatibility information.

What is Contact Form 7 Google Analytics Intelligence's security score?

Contact Form 7 Google Analytics Intelligence has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Contact Form 7 Google Analytics Intelligence Security & Risk Analysis

wordpress.org/plugins/cf7-intelligence

Automates Contact Form 7 submission tracking in Google Analytics.

300 active installs v1.1.2 PHP + WP 4.5+ Updated Feb 26, 2020

analyticscontactcontact-formformgoogle-analytics

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Contact Form 7 Google Analytics Intelligence Safe to Use in 2026?

Generally Safe

Score 85/100

Contact Form 7 Google Analytics Intelligence has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 6yr ago

Risk Assessment

The 'cf7-intelligence' plugin v1.1.2 exhibits a generally good security posture with no known vulnerabilities and a limited attack surface. The code analysis shows that all SQL queries utilize prepared statements, which is a strong practice. Furthermore, the plugin avoids file operations and external HTTP requests, reducing potential attack vectors. However, a significant concern is the presence of the `unserialize` function, which, if called with user-controlled input, can lead to Remote Code Execution vulnerabilities.

While the taint analysis indicates no critical or high severity flows, the fact that two flows were found with unsanitized paths, despite the low number of total flows analyzed, suggests a potential area of risk. The lack of nonce checks and the relatively low percentage of properly escaped output (76%) are also points of concern. The plugin's vulnerability history being completely clean is a positive sign, indicating developers have not historically introduced exploitable flaws. Despite these strengths, the use of `unserialize` without apparent sanitization or authorization checks, coupled with a minor taint flow risk and output escaping concerns, warrants careful consideration.

Key Concerns

Use of unserialize function
Flows with unsanitized paths found
Missing nonce checks
Output escaping is not 100%

Vulnerabilities

None known

Contact Form 7 Google Analytics Intelligence Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Contact Form 7 Google Analytics Intelligence Code Analysis

Dangerous Functions

Raw SQL Queries

3 prepared

Unescaped Output

26 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$value = unserialize($row->option_value);wpcf7_intel.install.php:54

SQL Query Safety

100% prepared3 total queries

Output Escaping

76% escaped34 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

wpcf7_intel_form_edit_form_submit (wpcf7-intel.php:828)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Contact Form 7 Google Analytics Intelligence Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 15

actionadmin_menuintel_com\intel.setup.php:88

actionadmin_noticesintel_com\intel.setup.php:95

actionactivated_pluginintel_com\intel.setup.php:120

filterintel_theme_infointel_com\intel.setup.php:396

action_loadedwpcf7-intel.php:119

filterintel_system_infowpcf7-intel.php:198

filterintel_form_type_infowpcf7-intel.php:201

filterintel_form_type_wpcf7_form_infowpcf7-intel.php:204

filterintel_menu_infowpcf7-intel.php:207

filterintel_demo_postswpcf7-intel.php:210

actionadmin_menuwpcf7-intel.php:218

filterwpcf7_editor_panelswpcf7-intel.php:222

filterwpcf7_after_savewpcf7-intel.php:226

actionwpcf7_before_send_mailwpcf7-intel.php:229

filterwpcf7_display_messagewpcf7-intel.php:232

Maintenance & Trust

Contact Form 7 Google Analytics Intelligence Maintenance & Trust

Maintenance Signals

WordPress version tested5.3.21

Last updatedFeb 26, 2020

PHP min version

Downloads23K

Community Trust

Rating0/100

Number of ratings0

Active installs300

Alternatives

Contact Form 7 Google Analytics Intelligence Alternatives

Contact Form 7 Google Analytics

cf7-google-analytics

100

Adds Google Analytics Event Tracking to all Contact Form 7 forms. Note: once you are using Google Analytics v4, this plugin may no longer be necessary …

7K No CVEs

Apollo Site Tools

apollo-site-tools

Easily add Google Analytics, Facebook Pixel, and other tracking codes to your WordPress site, plus contact form functionality and more.

10 No CVEs

Contact Form 7 Analytics

swp-contact-form-7-analytics

100

A lightweight system to track Contact Form 7 Events in Google Analytics.

0 No CVEs

Controls for Contact Form 7 (Redirects, Analytics & Tracking)

contact-form-7-extras

Analytics, tracking, redirects and storage for Contact Form 7.

10K No CVEs

Easy Panel for Contact Form 7

easy-panel-for-contact-form-7

Contact form submissions analytics dashboard. Understand all your submission statistics at a glance. Built with CF7 & Flamingo.

100 No CVEs

Developer Profile

Contact Form 7 Google Analytics Intelligence Developer Profile

tomdude

2 plugins · 9K total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Contact Form 7 Google Analytics Intelligence

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/cf7-intelligence/assets/css/wpcf7-intel-admin.css/wp-content/plugins/cf7-intelligence/assets/js/wpcf7-intel-admin.js/wp-content/plugins/cf7-intelligence/assets/js/wpcf7-intel-frontend.js

Script Paths

/wp-content/plugins/cf7-intelligence/assets/js/wpcf7-intel-admin.js/wp-content/plugins/cf7-intelligence/assets/js/wpcf7-intel-frontend.js

Version Parameters

wpcf7-intel-admin.css?ver=wpcf7-intel-admin.js?ver=wpcf7-intel-frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpcf7-intel-form-settingswpcf7-intel-field-settings

HTML Comments

Data Attributes

data-wpcf7-intel-field-iddata-wpcf7-intel-form-id

JS Globals

wpcf7_intel_settingswpcf7_intel_form_settings

FAQ