WP-Safety

CFS – Contact Form 7 Field Security & Risk Analysis

wordpress.org/plugins/cfs-cf7

Contact Form 7 field for Custom Field Suite

30 active installs v1.1 PHP + WP 4.0+ Updated Unknown
cf7cfscontact-form-7custom-field-suite
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is CFS – Contact Form 7 Field Safe to Use in 2026?

Generally Safe

Score 100/100

CFS – Contact Form 7 Field has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The static analysis of cfs-cf7 v1.1 reveals a plugin with a very limited attack surface. There are no identified AJAX handlers, REST API routes, shortcodes, or cron events, meaning there are no direct entry points for external interaction. Furthermore, the code signals indicate a lack of dangerous functions, no file operations, and no external HTTP requests, which are positive signs for security. The SQL queries are all prepared, and the absence of vulnerability history suggests a stable and secure past for this plugin.

Key Concerns

  • Unescaped output detected
  • Missing nonce checks
  • Missing capability checks
Vulnerabilities
None known

CFS – Contact Form 7 Field Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

CFS – Contact Form 7 Field Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
12
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

0% escaped12 total outputs
Attack Surface

CFS – Contact Form 7 Field Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 4
filtercfs_field_typescfs-cf7.php:18
actioninitcfs-cf7.php:23
filtercfs_field_typestrunk\cfs-cf7.php:18
actioninittrunk\cfs-cf7.php:23
Maintenance & Trust

CFS – Contact Form 7 Field Maintenance & Trust

Maintenance Signals

WordPress version tested4.9.29
Last updatedUnknown
PHP min version
Downloads2K

Community Trust

Rating0/100
Number of ratings0
Active installs30
Alternatives

CFS – Contact Form 7 Field Alternatives

Database Addon for Contact Form 7 – CFDB7

Database Addon for Contact Form 7 – CFDB7

contact-form-cfdb7

A
90

Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.

600K 7 CVEs
Redirection for Contact Form 7

Redirection for Contact Form 7

wpcf7-redirect

A
88

Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.

200K 14 CVEs
Advanced Contact form 7 DB

Advanced Contact form 7 DB

advanced-cf7-db

B
83

Save all contact form 7 form submitted data to the database, View, Ordering, Change field labels and Import/Export data using CSV.

70K 6 CVEs
Connect Contact Form 7 and Mailchimp

Connect Contact Form 7 and Mailchimp

contact-form-7-mailchimp-extension

A
96

Connect Contact Form 7 to Mailchimp. Automatically sync form submissions to your Mailchimp audiences with merge field mapping, double opt-in, and opt- …

50K 3 CVEs
Contact Form 7 Multi-Step Forms

Contact Form 7 Multi-Step Forms

contact-form-7-multi-step-module

A
99

Enables the Contact Form 7 plugin to create multi-page, multi-step forms.

50K 1 CVE
Developer Profile

CFS – Contact Form 7 Field Developer Profile

Felipe Elia

3 plugins · 6K total installs

94
trust score
Avg Security Score
92/100
Avg Patch Time
1 days
View full developer profile
Detection Fingerprints

How We Detect CFS – Contact Form 7 Field

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/cfs-cf7/

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about CFS – Contact Form 7 Field