[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f4NKrwj2h3JXERSqnxQfZq1K8v5mfEKiM7_M5Zf94tzg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":139,"fingerprints":277},"comment-email-verify","Comment E-Mail Verification","0.4.2","Martin Lormes","https:\u002F\u002Fprofiles.wordpress.org\u002Ftfnab\u002F","\u003Cp>If a comment is held for moderation an email message is sent to the comment author with a link to verify the comment author’s email address. When the comment author clicks on that link the comment gets approved immediately. This makes discussions more lively as users don’t have to wait for the blog admin to approve the comment.\u003C\u002Fp>\n\u003Cp>Blog owners may also choose to hold the comments in the moderation queue even after successful verification. The verification status is shown in the comment lists in the admin.\u003C\u002Fp>\n\u003Cp>If an author has a previously approved comment and his comments gets approved automatically according to the ‘comment_whitelist’ option in WordPress no email is sent.\u003C\u002Fp>\n\u003Cp>If a comment is classified as spam by Akismet or another anti-spam plugin no email is sent.\u003C\u002Fp>\n\u003Cp>This plugin uses the \u003Ccode>commentmeta\u003C\u002Fcode> table and thus requires WordPress 2.9\u003C\u002Fp>\n\u003Cp>PHP5 strongly recommended\u003C\u002Fp>\n","If a comment is held for moderation an email message is sent to the comment author with a link to verify the comment author's email address.",90,16179,96,4,"2014-02-25T21:49:00.000Z","3.7.41","2.9","",[20,21,22,23,24],"comments","email","email-verification","spam","verification","http:\u002F\u002Ften-fingers-and-a-brain.com\u002Fwordpress-plugins\u002Fcomment-email-verify\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcomment-email-verify.0.4.2.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"tfnab",5,2220,88,30,86,"2026-04-04T20:19:57.273Z",[41,59,82,101,120],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":28,"downloaded":49,"rating":28,"num_ratings":28,"last_updated":50,"tested_up_to":51,"requires_at_least":52,"requires_php":18,"tags":53,"homepage":18,"download_link":57,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"email-validator-for-comments","Email Validator for Comments","1.8.3","Security Insight","https:\u002F\u002Fprofiles.wordpress.org\u002Fsecurityinsight\u002F","\u003Cp>\u003Cstrong>Stop fake or misused emails in your comment section.\u003C\u002Fstrong>\u003Cbr \u002F>\nThis plugin prevents spam and ensures valid email ownership by requiring users to confirm their email address before a comment is submitted.\u003C\u002Fp>\n\u003Cp>When a user leaves a comment, they’ll receive a one-time confirmation link by email. Their comment won’t appear until they click the link — no accounts, no passwords and no friction for real users.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Why Use It?\u003C\u002Fstrong>\u003Cbr \u002F>\n– Improves trust and deliverability.\u003Cbr \u002F>\n– Cuts down on abuse, spam and bot activity.\u003Cbr \u002F>\n– Ensures email addresses actually belong to the commenter.\u003Cbr \u002F>\n– Comments from verified users go straight to approved or pending in the future.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Email confirmation required before comment is accepted.\u003C\u002Fli>\n\u003Cli>Comments with unconfirmed emails are automatically deleted after 3 days.\u003C\u002Fli>\n\u003Cli>One-time confirmation — verified commenters skip confirmation next time.\u003C\u002Fli>\n\u003Cli>Lightweight, secure, and privacy-friendly.\u003C\u002Fli>\n\u003Cli>Admin tool to manually clear all verified email records.\u003C\u002Fli>\n\u003Cli>No account creation required.\u003C\u002Fli>\n\u003Cli>No third-party services or API keys needed.\u003C\u002Fli>\n\u003Cli>Only one confirmation email sent per hour to a single email address to prevent abuse.\u003C\u002Fli>\n\u003C\u002Ful>\n","Blocks comment submission until the user confirms their email address with a one-time link. No accounts or captchas required.",235,"2025-08-07T18:20:00.000Z","6.8.5","5.0",[54,20,55,22,56],"comment-moderation","email-confirmation","spam-prevention","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-validator-for-comments.1.8.3.zip",100,{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":18,"download_link":79,"security_score":80,"vuln_count":14,"unpatched_count":28,"last_vuln_date":81,"fetched_at":30},"debounce-io-email-validator","DeBounce Email Validator","5.8.7","debounce","https:\u002F\u002Fprofiles.wordpress.org\u002Fdebounce\u002F","\u003Ch3>🚀 Transform Your Email Quality with AI-Powered Validation\u003C\u002Fh3>\n\u003Cp>Tired of fake emails, spam traps, and disposable addresses cluttering your database? DeBounce Email Validator is the ultimate solution for WordPress websites that demand real, deliverable email addresses.\u003C\u002Fp>\n\u003Ch3>Why Choose DeBounce?\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>99.9% Accuracy Rate\u003C\u002Fstrong> – Industry-leading validation precision  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero IP Impact\u003C\u002Fstrong> – No emails sent, no blacklisting risk  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR Compliant\u003C\u002Fstrong> – Complete privacy protection  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-time Validation\u003C\u002Fstrong> – Instant feedback for users  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced AI Detection\u003C\u002Fstrong> – Catches sophisticated spam attempts\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Perfect For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>E-commerce stores (WooCommerce)  \u003C\u002Fli>\n\u003Cli>Lead generation forms  \u003C\u002Fli>\n\u003Cli>User registration systems  \u003C\u002Fli>\n\u003Cli>Contact forms  \u003C\u002Fli>\n\u003Cli>Newsletter signups  \u003C\u002Fli>\n\u003Cli>Any WordPress form  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Install, connect your API key, and watch your email quality soar while reducing spam and improving conversion rates.\u003C\u002Fp>\n\u003Ch3>Supported Forms and Plugins\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🛒 E-COMMERCE & BUSINESS FORMS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WooCommerce – Validate shipping and billing emails  \u003C\u002Fli>\n\u003Cli>Gravity Forms – Enterprise-grade form validation  \u003C\u002Fli>\n\u003Cli>Contact Form 7 – Most popular contact form plugin  \u003C\u002Fli>\n\u003Cli>WPForms – Drag & drop form builder  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🏗️ ADVANCED FORM BUILDERS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Ninja Forms – Professional form creation  \u003C\u002Fli>\n\u003Cli>Formidable Forms – Complex form solutions  \u003C\u002Fli>\n\u003Cli>Forminator – Modern form builder  \u003C\u002Fli>\n\u003Cli>Fluent Forms – Advanced form management  \u003C\u002Fli>\n\u003Cli>Elementor Forms – Page builder integration  \u003C\u002Fli>\n\u003Cli>WSForms – Premium form builder  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>⚙️ WORDPRESS CORE FEATURES\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WordPress Comments – Validate commenter emails  \u003C\u002Fli>\n\u003Cli>User Registration – Ensure valid signup emails  \u003C\u002Fli>\n\u003Cli>Jetpack Forms – Automattic’s form solution  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🔧 CUSTOM INTEGRATION\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any Custom Form – Works with \u003Ccode>is_email()\u003C\u002Fcode> function  \u003C\u002Fli>\n\u003Cli>Third-party Plugins – Automatic compatibility  \u003C\u002Fli>\n\u003Cli>API Integration – Direct API access available\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🔍 CORE VALIDATION CHECKS\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>DNS & MX Record Validation – Verify domain authenticity  \u003C\u002Fli>\n\u003Cli>Syntax Verification – IETF\u002FRFC standard compliance  \u003C\u002Fli>\n\u003Cli>Mailbox Existence – Confirm email actually exists  \u003C\u002Fli>\n\u003Cli>SMTP Connection Testing – Real server verification  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🛡️ SECURITY & SPAM PROTECTION\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Disposable Email Detection – Block temporary email services  \u003C\u002Fli>\n\u003Cli>Spam Trap Identification – Prevent honeypot emails  \u003C\u002Fli>\n\u003Cli>Typosquatting Prevention – Catch misspelled domains  \u003C\u002Fli>\n\u003Cli>Role-based Email Filtering – Block info@, admin@, etc.  \u003C\u002Fli>\n\u003Cli>Custom Blocklist – Your own domain\u002Femail restrictions  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>⚡ PERFORMANCE & RELIABILITY\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Real-time Validation – Instant user feedback  \u003C\u002Fli>\n\u003Cli>Temporary Unavailability Detection – Handle server issues  \u003C\u002Fli>\n\u003Cli>Catch-All Domain Testing – Identify low-quality domains  \u003C\u002Fli>\n\u003Cli>Greylisting Detection – Advanced spam protection  \u003C\u002Fli>\n\u003Cli>99.9% Accuracy Rate – Industry-leading precision  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>🔒 PRIVACY & COMPLIANCE\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>GDPR Compliant – No email storage  \u003C\u002Fli>\n\u003Cli>Zero IP Impact – No emails sent from your servers  \u003C\u002Fli>\n\u003Cli>Secure API Communication – Encrypted data transfer  \u003C\u002Fli>\n\u003Cli>Privacy-First Design – Your data stays private  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>📊 ANALYTICS & MONITORING\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Validation Logs – Track all validation attempts  \u003C\u002Fli>\n\u003Cli>Performance Metrics – Monitor validation success rates  \u003C\u002Fli>\n\u003Cli>Custom Error Messages – Branded user feedback  \u003C\u002Fli>\n\u003Cli>Multi-language Support – Global accessibility  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Start with 100 Free Validations\u003C\u002Fstrong> – \u003Ca href=\"https:\u002F\u002Fdebounce.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get your API key now\u003C\u002Fa>\u003C\u002Fp>\n","Real-time email validation for WordPress forms. Block invalid, disposable, and risky emails to keep your database clean and improve deliverability.",300,22560,78,16,"2026-01-21T23:40:00.000Z","6.9.4","3.0.1","7.0",[76,77,78,22,56],"disposable-email","email-checker","email-validation","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdebounce-io-email-validator.zip",92,"2025-04-09 00:00:00",{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":58,"downloaded":90,"rating":58,"num_ratings":91,"last_updated":92,"tested_up_to":93,"requires_at_least":94,"requires_php":95,"tags":96,"homepage":99,"download_link":100,"security_score":80,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"email-verification-elementor-forms","Email Verification for Elementor Forms","1.2.2","rloes","https:\u002F\u002Fprofiles.wordpress.org\u002Frloes\u002F","\u003Cp>Add an email verification field to your Elementor forms. Users receive a code to the email entered on first submit and can only submit the form if they enter the code. This ensures submissions from verified emails, reducing spam.\u003C\u002Fp>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ccode>evef\u002Fgenerator\u002Fcode\u003C\u002Fcode> – Customize the generated verification code.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Femail_to\u003C\u002Fcode> – Customize the recipient email address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Femail_from\u003C\u002Fcode> – Customize the email “from” address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Femail_from_name\u003C\u002Fcode> – Customize the name of the email sender.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Femail_to_bcc\u003C\u002Fcode> – Customize the BCC recipient email address.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Fsubject\u003C\u002Fcode> – Customize the email subject.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Fbody\u003C\u002Fcode> – Customize the email message content.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Femail\u002Fheaders\u003C\u002Fcode> – Customize the email headers.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Fvaldation\u002Finvalid_code_message\u003C\u002Fcode> – Customize the error message shown if the code is invalid.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Fclassic\u002Fnormal_text\u003C\u002Fcode> – Customize the text for resending the email.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Fclassic\u002Fsuccess_text\u003C\u002Fcode> – Customize the success message text.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Fclassic\u002Ferror_text\u003C\u002Fcode> – Customize the error message text.\u003C\u002Fli>\n\u003Cli>\u003Ccode>evef\u002Fclassic\u002Floader_html\u003C\u002Fcode> – Customize the loader HTML.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>For detailed usage instructions and more customization options, please refer to the documentation included with the plugin.\u003C\u002Fp>\n","Add email verification to Elementor forms: users confirm via code, ensuring valid submissions and reducing spam.",2980,2,"2024-09-26T10:31:00.000Z","6.6.5","6.0","8.0",[97,22,98,56],"elementor","forms","https:\u002F\u002Fgithub.com\u002Frloes\u002Femail-verification-elementor-forms","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Femail-verification-elementor-forms.1.2.2.zip",{"slug":102,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":91,"last_updated":112,"tested_up_to":72,"requires_at_least":94,"requires_php":113,"tags":114,"homepage":118,"download_link":119,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"rfs-email-verification-for-gravity-forms","RFS Email Verification for Gravity Forms","1.2.0","Rafal Puczel of RFS WP","https:\u002F\u002Fprofiles.wordpress.org\u002Frafal84\u002F","\u003Cblockquote>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Frfswp.com\u002Fdocs\u002Frfs-email-verification-for-gravity-forms\u002F\" rel=\"nofollow ugc\">Documentation \u002F User Guide\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Frfswp.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">Support\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Frfswp.com\u002Fplugins\u002Frfs-email-verification-for-gravity-forms\u002F\" rel=\"nofollow ugc\">Home Page\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>This plugins is an add-on for Gravity Forms.\u003C\u002Fstrong> Requires Gravity Form plugin to work.\u003C\u002Fp>\n\u003Cp>RFS Email Verification for Gravity Forms adds and OTP (One Time Password) email verification functionality to your form. It allows you to easily verify or athenticate your users \u002F customers \u002F clients. The unique code is sent to a user’s email address and needs to be entered in order to submit the form. It’s also great way to avoid spam users submitting your forms. It supports both single and multi-page forms.\u003C\u002Fp>\n\u003Ch3>FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Single page form support\u003C\u002Fli>\n\u003Cli>Multi-page form support. Limited in free version, requires the email and verification code fields to be on the same page of multi-page form.\u003C\u002Fli>\n\u003Cli>Email and verification code fields on the same page\u003C\u002Fli>\n\u003Cli>Auto-generated unique verification code\u003C\u002Fli>\n\u003Cli>Verification code settings for length, characters type and input mask\u003C\u002Fli>\n\u003Cli>Custom text for “send code” button\u003C\u002Fli>\n\u003Cli>Custom email subject\u003C\u002Fli>\n\u003Cli>Custom email “from” address\u003C\u002Fli>\n\u003Cli>Unlimited plugin updates\u003C\u002Fli>\n\u003Cli>Plugin support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>DEVELOPER OPTIONS\u003C\u002Fh3>\n\u003Cp>The addon includes custom hooks and filters. You can find the details in plugin \u003Ca href=\"https:\u002F\u002Frfswp.com\u002Fdocs\u002Frfs-email-verification-for-gravity-forms\u002F#for-developers\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>[+] PREMIUM FEATURES\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Custom email message\u003C\u002Fli>\n\u003Cli>Fields merge tags support for more personalized message. Lets you include other form field values, like Name to be included in the email message.\u003C\u002Fli>\n\u003Cli>Email and verification code fields on different pages. Ask for an email on the first page and let user enter the code on the next.\u003C\u002Fli>\n\u003Cli>Automatically go to the next page after sending the code. Nice feature for multi-page forms.\u003C\u002Fli>\n\u003Cli>Resend button. Allow users to resend the code in case they didn’t get it or expired. Otherwise they need to reload the page.\u003C\u002Fli>\n\u003Cli>Custom text for “resend code” button\u003C\u002Fli>\n\u003Cli>Resend interval. Locks the “resend” button for a few seconds to prevent multiple clicks of a button in a row, which would result in sending multiple emails.\u003C\u002Fli>\n\u003Cli>Custom expiry time for verification code. By default it expires after 2 minutes.\u003C\u002Fli>\n\u003Cli>Premium support (6-months included)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>TRANSLATION READY\u003C\u002Fh3>\n\u003Cp>Do you speak another language? Want to contribute in a meaningful way to our plugin? Contact us if you’d like to help translating the plugin into your language.\u003C\u002Fp>\n\u003Ch3>SUPPORT\u003C\u002Fh3>\n\u003Cp>Having issues with the plugin? Contact us through the \u003Ca href=\"https:\u002F\u002Frfswp.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">website\u003C\u002Fa>.\u003C\u002Fp>\n","OTP (One Time Password) Email Verification for Gravity Forms. Verify or authenticate your users. It’s also great way to avoid spam.",20,1269,60,"2026-02-25T10:44:00.000Z","7.4",[115,22,98,116,117],"email-authentication","gravity-forms","spam-protection","https:\u002F\u002Frfswp.com\u002F\u002Fplugins\u002Frfs-email-verification-for-gravity-forms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frfs-email-verification-for-gravity-forms.1.2.0.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":58,"num_ratings":130,"last_updated":131,"tested_up_to":72,"requires_at_least":132,"requires_php":113,"tags":133,"homepage":137,"download_link":138,"security_score":58,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"authyo-otp-for-contact-form-7","Authyo OTP for Contact Form 7","1.0.20","Konceptwise Digital Media Pvt Ltd","https:\u002F\u002Fprofiles.wordpress.org\u002Fkonceptwise\u002F","\u003Cp>\u003Cstrong>Authyo OTP for Contact Form 7\u003C\u002Fstrong> adds one-time password (OTP) verification to Contact Form 7 forms, ensuring that only verified users can submit entries.\u003C\u002Fp>\n\u003Cp>The plugin supports OTP delivery via \u003Cstrong>Email, SMS, WhatsApp, and Voice Call\u003C\u002Fstrong>, helping reduce spam, prevent fake submissions, and improve overall form security.\u003C\u002Fp>\n\u003Cp>It also includes a \u003Cstrong>per-form redirect option\u003C\u002Fstrong>, allowing site owners to redirect users to a thank-you page or any custom URL after a successful and verified form submission.\u003C\u002Fp>\n\u003Cp>This plugin is an \u003Cstrong>independent add-on for Contact Form 7\u003C\u002Fstrong>, developed and maintained by \u003Cstrong>Konceptwise Digital Media Pvt. Ltd.\u003C\u002Fstrong>, and integrates securely with the Authyo OTP service.\u003C\u002Fp>\n\u003Cp>“This plugin is an add-on for Contact Form 7 and is not developed by or affiliated with the Contact Form 7 authors.”\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Features:\u003C\u002Fstrong>\u003Cbr \u002F>\n– OTP verification field for Contact Form 7\u003Cbr \u002F>\n– Secure one-time password handling\u003Cbr \u002F>\n– Customizable messages for sent, verified, and failed OTP states\u003Cbr \u002F>\n– Seamless integration with the Authyo OTP service\u003Cbr \u002F>\n– Email, SMS, WhatsApp, and Voice Call OTP support\u003Cbr \u002F>\n– Per-form redirect option after successful submission\u003Cbr \u002F>\n– Google Sheets Integration: Sync form data to Google Sheets automatically\u003Cbr \u002F>\n– Multi-Sheet Support: Route different forms to separate tabs within the same Google Sheet\u003Cbr \u002F>\n– Custom Column Mapping: Map form fields to specific Google Sheet column headers\u003Cbr \u002F>\n– Improved spam protection and form security\u003C\u002Fp>\n\u003Ch4>Live Demo\u003C\u002Fh4>\n\u003Cp>Check the live demo here:\u003Cbr \u002F>\nhttps:\u002F\u002Fwpplugins.authyo.io\u002Fauthyo-otp-for-contact-form-7\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Video Tutorial How to Use Authyo OTP for Contact Form 7\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FhhBnj1WWDdI?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the Authyo API to send and verify one-time passwords (OTPs).\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service used:\u003C\u002Fstrong> Authyo (https:\u002F\u002Fapp.authyo.io)\u003Cbr \u002F>\n\u003Cstrong>Purpose:\u003C\u002Fstrong> To send and verify OTPs for Contact Form 7 submissions.\u003Cbr \u002F>\n\u003Cstrong>Data sent:\u003C\u002Fstrong> User email address or phone number and OTP-related data, solely for verification purposes.\u003Cbr \u002F>\n\u003Cstrong>When:\u003C\u002Fstrong> Data is sent when an OTP is requested and when it is verified.\u003Cbr \u002F>\n\u003Cstrong>Provider:\u003C\u002Fstrong> Authyo Inc.\u003Cbr \u002F>\n\u003Cstrong>Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fauthyo.io\u002Fterms-service\u003Cbr \u002F>\n\u003Cstrong>Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fauthyo.io\u002Fprivacy-policy\u003C\u002Fp>\n\u003Ch3>Dependencies\u003C\u002Fh3>\n\u003Cp>This plugin requires the \u003Cstrong>Contact Form 7\u003C\u002Fstrong> plugin to be installed and activated.\u003C\u002Fp>\n\u003Cp>Contact Form 7 is developed by Takayuki Miyoshi and is available for free on WordPress.org:\u003Cbr \u002F>\nhttps:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\u003C\u002Fp>\n","Adds OTP verification (Email, SMS, WhatsApp, Voice Call) and Google Sheets Integration (with Multi-Sheet support) to Contact Form 7.",10,1347,1,"2026-03-13T09:33:00.000Z","5.5",[134,22,135,136,117],"contact-form-7","form-security","otp-verification","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fauthyo-otp-for-contact-form-7\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fauthyo-otp-for-contact-form-7.1.0.20.zip",{"attackSurface":140,"codeSignals":178,"taintFlows":229,"riskAssessment":267,"analyzedAt":276},{"hooks":141,"ajaxHandlers":174,"restRoutes":175,"shortcodes":176,"cronEvents":177,"entryPointCount":28,"unprotectedCount":28},[142,147,150,154,157,160,162,165,168,171],{"type":143,"name":144,"callback":144,"file":145,"line":146},"filter","wp_mail_from","comment-email-verify.php",188,{"type":143,"name":148,"callback":148,"file":145,"line":149},"wp_mail_from_name",189,{"type":151,"name":152,"callback":152,"file":145,"line":153},"action","phpmailer_init",190,{"type":151,"name":155,"callback":155,"priority":128,"file":145,"line":156},"wp_insert_comment",221,{"type":143,"name":158,"callback":158,"priority":128,"file":145,"line":159},"gettext",222,{"type":143,"name":158,"callback":158,"priority":128,"file":145,"line":161},772,{"type":143,"name":163,"callback":163,"priority":128,"file":145,"line":164},"comment_row_actions",806,{"type":151,"name":166,"callback":166,"file":145,"line":167},"init",944,{"type":151,"name":169,"callback":169,"file":145,"line":170},"admin_init",945,{"type":151,"name":172,"callback":172,"file":145,"line":173},"admin_menu",946,[],[],[],[],{"dangerousFunctions":179,"sqlUsage":180,"outputEscaping":182,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":228},[],{"prepared":28,"raw":28,"locations":181},[],{"escaped":91,"rawEcho":183,"locations":184},21,[185,188,190,192,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226],{"file":145,"line":186,"context":187},320,"raw output",{"file":145,"line":189,"context":187},333,{"file":145,"line":191,"context":187},349,{"file":145,"line":193,"context":187},369,{"file":145,"line":195,"context":187},381,{"file":145,"line":197,"context":187},383,{"file":145,"line":199,"context":187},404,{"file":145,"line":201,"context":187},427,{"file":145,"line":203,"context":187},478,{"file":145,"line":205,"context":187},480,{"file":145,"line":207,"context":187},491,{"file":145,"line":209,"context":187},506,{"file":145,"line":211,"context":187},521,{"file":145,"line":213,"context":187},546,{"file":145,"line":215,"context":187},561,{"file":145,"line":217,"context":187},576,{"file":145,"line":219,"context":187},591,{"file":145,"line":221,"context":187},614,{"file":145,"line":223,"context":187},616,{"file":145,"line":225,"context":187},870,{"file":145,"line":227,"context":187},873,[],[230,248,257],{"entryPoint":231,"graph":232,"unsanitizedCount":130,"severity":247},"settings_field__advanced__from (comment-email-verify.php:464)",{"nodes":233,"edges":244},[234,239],{"id":235,"type":236,"label":237,"file":145,"line":238},"n0","source","$_SERVER",472,{"id":240,"type":241,"label":242,"file":145,"line":205,"wp_function":243},"n1","sink","echo() [XSS]","echo",[245],{"from":235,"to":240,"sanitized":246},false,"medium",{"entryPoint":249,"graph":250,"unsanitizedCount":130,"severity":247},"settings_field__smtp__Helo (comment-email-verify.php:608)",{"nodes":251,"edges":255},[252,254],{"id":235,"type":236,"label":237,"file":145,"line":253},612,{"id":240,"type":241,"label":242,"file":145,"line":223,"wp_function":243},[256],{"from":235,"to":240,"sanitized":246},{"entryPoint":258,"graph":259,"unsanitizedCount":91,"severity":266},"\u003Ccomment-email-verify> (comment-email-verify.php:0)",{"nodes":260,"edges":264},[261,263],{"id":235,"type":236,"label":262,"file":145,"line":238},"$_SERVER (x2)",{"id":240,"type":241,"label":242,"file":145,"line":205,"wp_function":243},[265],{"from":235,"to":240,"sanitized":246},"low",{"summary":268,"deductions":269},"The \"comment-email-verify\" plugin, version 0.4.2, exhibits a mixed security posture. On the positive side, the static analysis indicates a minimal attack surface with no discovered AJAX handlers, REST API routes, shortcodes, or cron events. Furthermore, all detected SQL queries utilize prepared statements, and there are no file operations or external HTTP requests, which are common vectors for vulnerabilities. The vulnerability history is also clean, with no known CVEs, which suggests a relatively stable and secure past.\n\nHowever, there are significant concerns raised by the code analysis. The most alarming finding is that 9% of the 23 output operations are not properly escaped. This means that user-supplied data could potentially be rendered directly into the output, leading to Cross-Site Scripting (XSS) vulnerabilities if not handled carefully. Compounding this, the taint analysis reveals 3 flows with unsanitized paths. While classified as not critical or high severity in this report, unsanitized paths in taint flows are a strong indicator that user input is not being properly validated or sanitized before being used in a potentially harmful context, which could lead to unexpected behavior or security issues if exploited.\n\nIn conclusion, while the plugin has a limited attack surface and no known historical vulnerabilities, the presence of unescaped output and unsanitized taint flows represent real, albeit potentially low-to-medium severity, risks. These issues require immediate attention to ensure the plugin's security. The lack of nonce and capability checks on entry points (though the attack surface is reported as zero) could become a concern if the attack surface were to expand in future versions.",[270,273],{"reason":271,"points":272},"Unescaped output detected",6,{"reason":274,"points":275},"Taint flows with unsanitized paths",7,"2026-03-16T21:19:38.683Z",{"wat":278,"direct":283},{"assetPaths":279,"generatorPatterns":280,"scriptPaths":281,"versionParams":282},[],[],[],[],{"cssClasses":284,"htmlComments":285,"htmlAttributes":286,"restEndpoints":287,"jsGlobals":288,"shortcodeOutput":289},[],[],[],[],[],[290,291,292,293,294,295,296,297],"Dear [author-name],","thanks for replying to [post-title] ([post-permalink]) on [blogname] - [blogdescription] ([home]).","Please verify your email address by clicking on this link:","[verification-url]","This is your comment:","[comment]","--","This comment was posted from [author-ip] - [author-hostname]"]