[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDnwlOlImGaf0bl7iZcxjGNEwtBR__4Dp2JOV59TbYv0":3,"$fWn3k2g9YSRx5vPiAWvZmjTXQaHmMXHWOZNKF36gQQxU":242,"$f5JJSdqZHT99KuHX8Xli0bk3cyhN5tuuueL8nWPNapM4":247},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":18,"download_link":22,"security_score":23,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26,"discovery_status":27,"vulnerabilities":28,"developer":29,"crawl_stats":25,"alternatives":34,"analysis":76,"fingerprints":209},"connect-cf-7-freshsales-crm","Contact Form 7 – Freshsales CRM","1.1.1","Rakesh Rathore","https:\u002F\u002Fprofiles.wordpress.org\u002Frakesh-rathore\u002F","\u003Cp>This plugin can integrate Contacts and Leads between your WordPress Contact Form 7 and Freshsales CRM. Easily add automatically Contacts and Leads into Freshsales CRM when people submit a Contact Form 7 form on your site.\u003C\u002Fp>\n","Just another contact form plugin. Simple but flexible.",10,1351,100,1,"2021-06-17T16:32:00.000Z","5.7.15","4.9","",[20,21],"contact-form-7-freshsales-crm","freshsales","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fconnect-cf-7-freshsales-crm.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":30,"display_name":7,"profile_url":8,"plugin_count":14,"total_installs":11,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},"rakesh-rathore",30,84,"2026-05-19T21:01:37.152Z",[35,55],{"slug":36,"name":37,"version":38,"author":39,"author_profile":40,"description":41,"short_description":42,"active_installs":31,"downloaded":43,"rating":24,"num_ratings":24,"last_updated":44,"tested_up_to":45,"requires_at_least":46,"requires_php":18,"tags":47,"homepage":52,"download_link":53,"security_score":54,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"wp-freshsales","Freshsales Integration for WordPress","2.2","Smackcoders Inc.,","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmackcoders\u002F","\u003Cp>Elevate your WordPress website to a new level of lead capture and CRM integration with the Freshsales Integration for WordPress plugin. Say goodbye to complex HTML forms and visible public IDs. With WP Freshsales, you can create, manage, and update web forms using dynamic shortcodes, enabling you to embed them anywhere in your WordPress content, from posts and pages to custom posts, sidebars, widgets, and popups. Ensure security with built-in Captcha protection to combat spam effectively.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> WP Freshsales is now a part of the \u003Ca href=\"https:\u002F\u002Fwww.example.com\u002Fwp-leads-builder-any-crm-pro.html\" rel=\"nofollow ugc\">WP Leads Builder for any CRM\u003C\u002Fa> plugin, encompassing Freshsales CRM, Salesforce, Vtiger, Zoho, and SugarCRM integration features.\u003C\u002Fp>\n\u003Cp>With WP Freshsales, you can:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate web forms without the need for HTML or visible public IDs.\u003C\u002Fli>\n\u003Cli>Create dynamic shortcodes for use anywhere in your WordPress content.\u003C\u002Fli>\n\u003Cli>Streamline form updates with a single shortcode edit.\u003C\u002Fli>\n\u003Cli>Easily set up fields by pulling them from Freshsales CRM modules.\u003C\u002Fli>\n\u003Cli>Customize form elements effortlessly through a user-friendly interface.\u003C\u002Fli>\n\u003Cli>Assign forms to available Freshsales users for efficient lead management.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In essence, WP Freshsales empowers you to generate web forms via a user-friendly CRM WordPress plugin interface, turning your website’s visitors into high-potential leads for Freshsales CRM.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate Freshsales WordPress forms with or without web forms.\u003C\u002Fli>\n\u003Cli>Seamlessly integrate with the Contact Form 7 plugin, offering a familiar user experience.\u003C\u002Fli>\n\u003Cli>Utilize Freshsales WordPress plugin forms in pages, posts, popups, opt-ins, and widgets.\u003C\u002Fli>\n\u003Cli>Capture potential leads and sync them with Freshsales CRM.\u003C\u002Fli>\n\u003Cli>Easily redirect users to the desired page after form submission.\u003C\u002Fli>\n\u003Cli>Receive notifications on lead capture success or failure.\u003C\u002Fli>\n\u003Cli>Convert new users into CRM leads with Freshsales plugins.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Elevate your lead capture game and streamline your CRM integration with Freshsales Integration for WordPress. Transform your website into a lead-generating powerhouse effortlessly.\u003C\u002Fp>\n\u003Ch3>Upgrading to Pro\u003C\u002Fh3>\n\u003Cp>Take your lead capture and CRM integration to the next level by upgrading to the \u003Ca href=\"https:\u002F\u002Fwww.example.com\u002Fwp-leads-builder-any-crm-pro.html\" rel=\"nofollow ugc\">Leads Builder for CRM Pro\u003C\u002Fa>. With the Pro version, you’ll unlock an array of enhanced features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Full Freshsales CRM Support:\u003C\u002Fstrong> Seamlessly integrate with Freshsales CRM to enhance your lead management and customer data.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Salesforce, Vtiger, Zoho, and SugarCRM Integration:\u003C\u002Fstrong> Extend your reach by integrating with Salesforce, Vtiger, Zoho, and SugarCRM, offering comprehensive CRM solutions for your business.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Advanced Features:\u003C\u002Fstrong> Access advanced tools and features that will supercharge your lead capture and CRM operations, including customization options, automation, and more.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Upgrade to the Pro version today and transform your WordPress website into a lead generation and CRM powerhouse with WP Freshsales.\u003C\u002Fp>\n\u003Ch4>Other Useful Plugins & Addons By Smackcoders\u003C\u002Fh4>\n\u003Cp>To \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-ultimate-csv-importer\u002F\" rel=\"ugc\">Import and Export WordPress Data as CSV or XML\u003C\u002Fa>\u003Cbr \u002F>\nand \u003Ca href=\"https:\u002F\u002Fwww.smackcoders.com\u002Fwp-ultimate-csv-importer-pro.html\" rel=\"nofollow ugc\">for premium version of the plugin, you can get it here\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The Leads Builder for WordPress to capture your webforms as leads to one of the top ranking open source CRM, install the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-leads-builder-any-crm\u002F\" rel=\"ugc\">WordPress Lead Form Data Collection to CRM\u003C\u002Fa> Plugin. Install one of the CRM of your choice with the additional add-ons listed below and keep both parent plugin and CRM addon activated.\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-zoho-crm\u002F\" rel=\"ugc\">Zoho CRM & Zoho CRM Plus\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-salesforce\u002F\" rel=\"ugc\">Salesforce\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-sugar-free\u002F\" rel=\"ugc\">SugarCRM\u003C\u002Fa>\u003Cbr \u002F>\n* \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-tiger\u002F\" rel=\"ugc\">Vtiger CRM\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>To know more about the premium bundled version, visit \u003Ca href=\"https:\u002F\u002Fwww.smackcoders.com\u002Fwp-leads-builder-any-crm-pro.html\" rel=\"nofollow ugc\">WordPress Lead Form Data Collection to CRM with unlimited features\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Helpful links\u003C\u002Fh4>\n\u003Cp>Visit \u003Ca href=\"https:\u002F\u002Fwww.smackcoders.com\" rel=\"nofollow ugc\">Smackcoders\u003C\u002Fa> to explore more WordPress products. You can write to us your comments, feedback at \u003Ca href=\"mailto:support@smackcoders.com\" rel=\"nofollow ugc\">support@smackcoders.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Get to know about other WordPress addons and latest product update news at \u003Ca href=\"https:\u002F\u002Fwww.smackcoders.com\u002Fblog\u002Fcategory\u002Fwordpress-products\" rel=\"nofollow ugc\">www.smackcoders.com\u002Fblogs.html\u003C\u002Fa>\u003C\u002Fp>\n","Streamline Lead Capture, User Sync, and CRM Integration Effortlessly with WP Freshsales - Your All-in-One Solution",3478,"2025-03-06T06:13:00.000Z","6.7.5","5.0",[21,48,49,50,51],"freshsales-crm","freshsales-integration","lead-capture","user-sync","https:\u002F\u002Fwww.smackcoders.com\u002Fwp-leads-builder-any-crm-pro.html","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-freshsales.2.2.zip",92,{"slug":56,"name":57,"version":58,"author":59,"author_profile":60,"description":61,"short_description":62,"active_installs":63,"downloaded":64,"rating":24,"num_ratings":24,"last_updated":65,"tested_up_to":66,"requires_at_least":67,"requires_php":68,"tags":69,"homepage":74,"download_link":75,"security_score":13,"vuln_count":24,"unpatched_count":24,"last_vuln_date":25,"fetched_at":26},"crm-integration-freshworks-any-form","Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More","1.0.14","Plugcrux","https:\u002F\u002Fprofiles.wordpress.org\u002Fplugcrux\u002F","\u003Cp>This plugin sends form submissions from Contact Form 7, WPForms, Elementor Forms, Gravity Forms, and Formidable Forms to Freshsales CRM (by Freshworks).\u003C\u002Fp>\n\u003Cp>When a user submits a form, the plugin can create or update records (such as Leads or Contacts) in your Freshsales CRM account. This helps reduce manual data entry and keeps your Freshsales CRM data in sync with your website forms.\u003C\u002Fp>\n\u003Cp>Supported form plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\" rel=\"ugc\">Contact Form 7\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\u002F\" rel=\"ugc\">WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Felementor\u002F\" rel=\"ugc\">Elementor Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.gravityforms.com\u002F\" rel=\"nofollow ugc\">Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformidable\u002F\" rel=\"ugc\">Formidable Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fy_aV8g73uW8?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>Authentication\u003C\u002Fh3>\n\u003Cp>To connect your Freshsales CRM account:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to the Accounts page in the plugin.\u003C\u002Fli>\n\u003Cli>Click Add Account.\u003C\u002Fli>\n\u003Cli>Enter an identifiable account name (for example, “Main Freshsales CRM Account”).\u003C\u002Fli>\n\u003Cli>Enter your Freshsales CRM instance URL (for example, \u003Ccode>https:\u002F\u002Fyourcompany.freshsales.io\u003C\u002Fcode>).\u003C\u002Fli>\n\u003Cli>Enter your Freshsales API key from your Freshsales account settings.\u003C\u002Fli>\n\u003Cli>Click Save Account.\u003C\u002Fli>\n\u003Cli>After saving, the account will be listed on the Accounts page.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Add Integration\u003C\u002Fh3>\n\u003Cp>To create a new integration:\u003C\u002Fp>\n\u003Col>\n\u003Cli>Go to the Setup page.\u003C\u002Fli>\n\u003Cli>Click Add Integration.\u003C\u002Fli>\n\u003Cli>Enter an integration name (for example, “Lead Capture Form”).\u003C\u002Fli>\n\u003Cli>Select the form type (Contact Form 7, WPForms, Elementor, Gravity Forms, or Formidable).\u003C\u002Fli>\n\u003Cli>Choose the connected Freshsales CRM account.\u003C\u002Fli>\n\u003Cli>Select the Freshsales CRM module where records should be created (for example, Leads, Contacts, Deals).\u003C\u002Fli>\n\u003Cli>Map form fields to Freshsales CRM fields in the field mapping section.\u003C\u002Fli>\n\u003Cli>Optionally map additional fields such as phone, company, custom fields, or attachments (where supported).\u003C\u002Fli>\n\u003Cli>Use the filter criteria section to apply conditions (for example, sync only if a checkbox is selected).\u003C\u002Fli>\n\u003Cli>Click Save Mapping.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Logs\u003C\u002Fh3>\n\u003Cp>The plugin provides a logs section to review how data is being sent to Freshsales CRM.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Open the Logs page to see a list of submissions and their statuses.\u003C\u002Fli>\n\u003Cli>Typical statuses include:\n\u003Cul>\n\u003Cli>SUCCESS – record created or updated successfully.\u003C\u002Fli>\n\u003Cli>RECORD_FAILED – record not created due to an error (for example, missing required fields).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Additional options:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Filter logs by integration, status, or date range.\u003C\u002Fli>\n\u003Cli>Open the log details view to see the full request, response, and error messages.\u003C\u002Fli>\n\u003Cli>Resync or delete individual records, or use bulk actions where available.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Settings\u003C\u002Fh3>\n\u003Cp>Global settings can be managed from the Settings page:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Delete data on uninstall – when enabled, plugin data will be removed when the plugin is deleted from WordPress.\u003C\u002Fli>\n\u003Cli>Error email notification – enable or disable email notifications when a record fails.\u003C\u002Fli>\n\u003Cli>Notification emails – specify one or more email addresses (comma-separated) to receive error notifications.\u003C\u002Fli>\n\u003Cli>Email subject – set the subject line for error notification emails.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy and Data Handling\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Form submission data is sent from your WordPress site to Freshsales CRM via their API.\u003C\u002Fli>\n\u003Cli>The plugin does not send data to any third-party service other than the configured Freshsales CRM instance.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Free and Paid Features\u003C\u002Fh3>\n\u003Cp>The plugin is available in a free version with optional paid features.\u003C\u002Fp>\n\u003Cp>Free version includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Connect up to 2 Freshsales CRM accounts\u003C\u002Fli>\n\u003Cli>Connect up to 2 forms\u003C\u002Fli>\n\u003Cli>Support for standard fields and basic field mapping\u003C\u002Fli>\n\u003Cli>Custom value support\u003C\u002Fli>\n\u003Cli>System fields mapping (where supported)\u003C\u002Fli>\n\u003Cli>Error log view and basic management\u003C\u002Fli>\n\u003Cli>Email notifications for failed records\u003C\u002Fli>\n\u003Cli>No daily record limit enforced by the plugin\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Paid version adds:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited account connections (subject to Freshsales CRM limits)\u003C\u002Fli>\n\u003Cli>Unlimited form connections\u003C\u002Fli>\n\u003Cli>Premium field support\u003C\u002Fli>\n\u003Cli>Custom field mapping\u003C\u002Fli>\n\u003Cli>Extended resync options and log handling\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Upgrade now: https:\u002F\u002Fintegrazo.com\u002Fproducts\u002Ffreshworks-crm-integration-with-any-form\u003C\u002Fp>\n\u003Ch3>Features Overview\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Connect Freshsales CRM to supported form plugins\u003C\u002Fli>\n\u003Cli>Configure multiple Freshsales CRM accounts and modules\u003C\u002Fli>\n\u003Cli>Map form fields to Freshsales CRM fields, including custom fields\u003C\u002Fli>\n\u003Cli>Real-time syncing of form submissions to Freshsales CRM\u003C\u002Fli>\n\u003Cli>Optional conditional logic to control when records are created or updated\u003C\u002Fli>\n\u003Cli>Activity logs with status and error details\u003C\u002Fli>\n\u003Cli>Resync options for failed records\u003C\u002Fli>\n\u003Cli>Optional email notifications for errors\u003C\u002Fli>\n\u003Cli>Settings to control data removal on uninstall\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Need help or have a feature request?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fintegrazo.com\u002Fpages\u002Fcontact?utm_source=readme&utm_medium=support_link&utm_campaign=freshworks_integration  \u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fintegrazo.com\u002Fpages\u002Frequest-feature?utm_source=readme&utm_medium=feature_link&utm_campaign=freshworks_integration  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Website: https:\u002F\u002Fintegrazo.com\u002F\u003Cbr \u002F>\nEmail: support@integrazo.com\u003C\u002Fp>\n\u003Ch3>Additional Notes\u003C\u002Fh3>\n\u003Cp>This plugin is compatible with WordPress multisite installations and has been tested with recent WordPress versions.\u003C\u002Fp>\n","Connect Contact Form 7, WPForms, Elementor Forms, Gravity Forms, and more form submissions with Freshsales CRM.",20,1390,"2026-03-10T11:11:00.000Z","6.9.4","6.0","7.4",[70,71,21,72,73],"contact-form-7","elementor-forms","freshworks","wpforms","https:\u002F\u002Fintegrazo.com\u002Fproducts\u002Ffreshworks-crm-integration-with-any-form","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrm-integration-freshworks-any-form.1.0.14.zip",{"attackSurface":77,"codeSignals":93,"taintFlows":136,"riskAssessment":192,"analyzedAt":208},{"hooks":78,"ajaxHandlers":89,"restRoutes":90,"shortcodes":91,"cronEvents":92,"entryPointCount":24,"unprotectedCount":24},[79,84],{"type":80,"name":81,"callback":82,"file":83,"line":11},"action","admin_menu","cf7_fs_go_main_menu","includes\\admin\\admin.php",{"type":80,"name":85,"callback":86,"priority":63,"file":87,"line":88},"wpcf7_before_send_mail","cf7_fs_go_integration","includes\\functions.php",11,[],[],[],[],{"dangerousFunctions":94,"sqlUsage":101,"outputEscaping":103,"fileOperations":134,"externalRequests":134,"nonceChecks":24,"capabilityChecks":24,"bundledLibraries":135},[95,99],{"fn":96,"file":83,"line":97,"context":98},"unserialize",36,"$modules = unserialize( get_option( 'cf7_fs_go_modules' ) );",{"fn":96,"file":83,"line":100,"context":98},143,{"prepared":24,"raw":24,"locations":102},[],{"escaped":88,"rawEcho":104,"locations":105},17,[106,109,111,113,115,116,117,119,121,123,124,125,126,128,129,131,133],{"file":83,"line":107,"context":108},67,"raw output",{"file":83,"line":110,"context":108},74,{"file":83,"line":112,"context":108},132,{"file":83,"line":114,"context":108},150,{"file":83,"line":114,"context":108},{"file":83,"line":114,"context":108},{"file":83,"line":118,"context":108},215,{"file":83,"line":120,"context":108},217,{"file":83,"line":122,"context":108},228,{"file":83,"line":122,"context":108},{"file":83,"line":122,"context":108},{"file":83,"line":122,"context":108},{"file":83,"line":127,"context":108},233,{"file":83,"line":127,"context":108},{"file":83,"line":130,"context":108},282,{"file":83,"line":132,"context":108},284,{"file":83,"line":132,"context":108},2,[],[137,155,175],{"entryPoint":138,"graph":139,"unsanitizedCount":14,"severity":154},"cf7_fs_go_integration_callback (includes\\admin\\admin.php:91)",{"nodes":140,"edges":151},[141,146],{"id":142,"type":143,"label":144,"file":83,"line":145},"n0","source","$_REQUEST",99,{"id":147,"type":148,"label":149,"file":83,"line":112,"wp_function":150},"n1","sink","echo() [XSS]","echo",[152],{"from":142,"to":147,"sanitized":153},false,"medium",{"entryPoint":156,"graph":157,"unsanitizedCount":134,"severity":174},"cf7_fs_go_configuration_callback (includes\\admin\\admin.php:22)",{"nodes":158,"edges":171},[159,162,165,169],{"id":142,"type":143,"label":160,"file":83,"line":161},"$_REQUEST['cf7_fs_go_instance_url']",25,{"id":147,"type":148,"label":163,"file":83,"line":161,"wp_function":164},"update_option() [Settings Manipulation]","update_option",{"id":166,"type":143,"label":167,"file":83,"line":168},"n2","$_REQUEST['cf7_fs_go_api_key']",26,{"id":170,"type":148,"label":163,"file":83,"line":168,"wp_function":164},"n3",[172,173],{"from":142,"to":147,"sanitized":153},{"from":166,"to":170,"sanitized":153},"low",{"entryPoint":176,"graph":177,"unsanitizedCount":191,"severity":174},"\u003Cadmin> (includes\\admin\\admin.php:0)",{"nodes":178,"edges":187},[179,180,181,182,183,185],{"id":142,"type":143,"label":160,"file":83,"line":161},{"id":147,"type":148,"label":163,"file":83,"line":161,"wp_function":164},{"id":166,"type":143,"label":167,"file":83,"line":168},{"id":170,"type":148,"label":163,"file":83,"line":168,"wp_function":164},{"id":184,"type":143,"label":144,"file":83,"line":145},"n4",{"id":186,"type":148,"label":149,"file":83,"line":112,"wp_function":150},"n5",[188,189,190],{"from":142,"to":147,"sanitized":153},{"from":166,"to":170,"sanitized":153},{"from":184,"to":186,"sanitized":153},3,{"summary":193,"deductions":194},"The \"connect-cf-7-freshsales-crm\" plugin version 1.1.1 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices by not exposing a large attack surface through AJAX, REST API, or shortcodes, and it has no recorded vulnerabilities or CVEs, indicating a history of stable security. Furthermore, all SQL queries utilize prepared statements, which is a strong defense against SQL injection. However, there are significant areas of concern within the code analysis. The presence of the \"unserialize\" function, especially without accompanying capability checks or nonce checks, is a major red flag, as it can be exploited to execute arbitrary code if untrusted data is passed to it. The low percentage of properly escaped output (39%) also presents a risk of cross-site scripting (XSS) vulnerabilities, particularly if the unescaped output contains user-supplied data. While taint analysis found no critical or high-severity unsanitized paths, the three flows with unsanitized paths, combined with the \"unserialize\" function and poor output escaping, suggest potential for vulnerabilities that might not have been fully captured by the automated analysis.\n\nIn conclusion, while the plugin's lack of historical vulnerabilities and its use of prepared statements are commendable, the static analysis reveals critical weaknesses. The \"unserialize\" function and the significant amount of unescaped output represent substantial risks. The absence of capability and nonce checks on these potentially dangerous areas exacerbates these risks. It is strongly recommended that these issues be addressed immediately to mitigate the potential for severe security breaches.",[195,198,201,204,206],{"reason":196,"points":197},"Dangerous function \"unserialize\" used without auth checks",15,{"reason":199,"points":200},"Low percentage of properly escaped output (39%)",8,{"reason":202,"points":203},"Flows with unsanitized paths (3)",5,{"reason":205,"points":203},"No nonce checks detected",{"reason":207,"points":203},"No capability checks detected","2026-03-16T23:49:18.568Z",{"wat":210,"direct":216},{"assetPaths":211,"generatorPatterns":212,"scriptPaths":213,"versionParams":214},[],[],[],[215],"connect-cf-7-freshsales-crm\u002Fincludes\u002Fjs\u002Fcf7-freshsales-integration.js?ver=",{"cssClasses":217,"htmlComments":220,"htmlAttributes":228,"restEndpoints":234,"jsGlobals":235,"shortcodeOutput":241},[218,219],"cf7_fs_go_fields","cf7_fs_go_module",[221,222,223,224,225,226,227],"\u003C!-- Connect CF 7 - Freshsales CRM -->","\u003C!-- This is a constant variable for plugin path. -->","\u003C!-- This is a file for includes core functionality. -->","\u003C!-- This is a function that run when plugin activation. -->","\u003C!-- This is a function that creates admin menu. -->","\u003C!-- This is a function for configuration. -->","\u003C!-- This is a function for integration. -->",[229,230,231,232,233],"name=\"cf7_fs_go_instance_url\"","name=\"cf7_fs_go_api_key\"","name=\"cf7_fs_go_module\"","name=\"cf7_fs_go_fields\"","name=\"cf7_fs_go\"",[],[236,237,238,239,219,240,218],"cf7_fs_go_instance_url","cf7_fs_go_api_key","cf7_fs_go_modules","cf7_fs_go_modules_fields","cf7_fs_go",[],{"error":243,"url":244,"statusCode":245,"statusMessage":246,"message":246},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fconnect-cf-7-freshsales-crm\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":24,"versions":248},[]]