[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fnEWLR5d21hkzOL5kCaity7RMnVpxj9K8ynSt6jOsqTw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":116,"crawl_stats":38,"alternatives":122,"analysis":227,"fingerprints":488},"contact-form-7-dynamic-text-extension","Contact Form 7 – Dynamic Text Extension","5.0.5","sevenspark","https:\u002F\u002Fprofiles.wordpress.org\u002Fsevenspark\u002F","\u003Cp>Contact Form 7 is an excellent WordPress plugin and one of the top choices of free WordPress plugins for contact forms. Contact Form 7 – Dynamic Text Extension (DTX) makes it even more awesome by adding dynamic content capabilities. While default values in Contact Form 7 are static, DTX lets you create pre-populated fields pulled from other locations. Some examples might include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Auto-filling a URL or just getting the domain name or path\u003C\u002Fli>\n\u003Cli>Auto-filling a post ID, title, or slug\u003C\u002Fli>\n\u003Cli>Auto-filling a title, URL, or slug for the current page\u003C\u002Fli>\n\u003Cli>Pre-populating a product number\u003C\u002Fli>\n\u003Cli>Referencing other content on the site\u003C\u002Fli>\n\u003Cli>Populating with post or page info\u003C\u002Fli>\n\u003Cli>Populating with the current user’s info\u003C\u002Fli>\n\u003Cli>Populating with custom and meta fields\u003C\u002Fli>\n\u003Cli>Generating unique identifiers for support tickets\u003C\u002Fli>\n\u003Cli>Getting a list of post categories or other custom taxonomies\u003C\u002Fli>\n\u003Cli>Getting a value from a cookie\u003C\u002Fli>\n\u003Cli>Getting custom theme modifications\u003C\u002Fli>\n\u003Cli>Any value using custom shortcodes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The possibilities are endless!\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002F?preview=1\" rel=\"ugc\">View Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>For over 10 years, DTX only handled \u003Ccode>\u003Cinput type=\"text\" \u002F>\u003C\u002Fcode> and \u003Ccode>\u003Cinput type=\"hidden\" \u002F>\u003C\u002Fcode> form fields, but version 4 finally introduces more:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>email\u003C\u002Fli>\n\u003Cli>URL\u003C\u002Fli>\n\u003Cli>tel (for phone numbers)\u003C\u002Fli>\n\u003Cli>number\u003C\u002Fli>\n\u003Cli>range (slider)\u003C\u002Fli>\n\u003Cli>textarea (multiline text)\u003C\u002Fli>\n\u003Cli>drop-down menu (select field)\u003C\u002Fli>\n\u003Cli>checkboxes\u003C\u002Fli>\n\u003Cli>radio buttons\u003C\u002Fli>\n\u003Cli>date\u003C\u002Fli>\n\u003Cli>submit (yes, a submit button where you can have dynamic text!)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>WHAT DOES IT DO?\u003C\u002Fh3>\n\u003Cp>DTX provides flexibility to WordPress users in creating dynamic forms in Contact Form 7. DTX comes with several built-in shortcodes that will allow the contact form to be populated from HTTPS GET variable or any info from the \u003Ccode>get_bloginfo()\u003C\u002Fcode> function, among others. See below for included shortcodes.\u003C\u002Fp>\n\u003Cp>Don’t see the shortcode you need on the list? You can write a \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fcustom-shortcodes\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">custom one\u003C\u002Fa>! Any shortcode that returns a string or numeric value can be used here. The included shortcodes just cover the most common scenarios, but DTX provides the flexibility for you to grab any value you have access to programmatically.\u003C\u002Fp>\n\u003Ch4>Dynamic Value\u003C\u002Fh4>\n\u003Cp>The bread and butter of this plugin, set a dynamic value! This field can take any shortcode, with two important provisions:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The shortcode should NOT include the normal square brackets (\u003Ccode>[\u003C\u002Fcode> and \u003Ccode>]\u003C\u002Fcode>). So, instead of \u003Ccode>[CF7_GET key='value']\u003C\u002Fcode> you would use \u003Ccode>CF7_GET key='value'\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Any parameters in the shortcode must use single quotes. That is: \u003Ccode>CF7_GET key='value'\u003C\u002Fcode> and not \u003Ccode>CF7_GET key=\"value\"\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Dynamic Placeholder\u003C\u002Fh4>\n\u003Cp>Set a dynamic placeholder with this attribute! This feature accepts static text or a shortcode. If using a shortcode, the same syntax applies from the dynamic value field. However, this field also has a few more needs:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The text\u002Fshortcode must first have apostrophes converted to it’s HTML entity code, \u003Ccode>&#39;\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>After that, it must be URL encoded so that spaces become \u003Ccode>%20\u003C\u002Fcode> and other non-alphanumeric characters are converted.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>If you’re using Contact Form 7’s tag generator to create the form tag, those extra needs are already taken care of. Dynamic placeholders are not available for dynamic hidden form tags.\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-attribute-placeholder\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Compatible with Caching Plugins\u003C\u002Fh4>\n\u003Cp>DTX is cache friendly! You can set a field to be calculated after the page loads by setting the \u003Ccode>dtx_pageload\u003C\u002Fcode> attribute to any dynamic form tag.\u003C\u002Fp>\n\u003Cp>Many websites use caching plugins to optimize for performance. If your website caches the HTML of the form, then any dynamic form fields you have get their first calculated value cached alongside it. This becomes an issue if you’re using DTX to pull values from a cookie or the current URL’s query string.\u003C\u002Fp>\n\u003Cp>This is best for dynamic form fields that:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>gets the current URL\u003C\u002Fli>\n\u003Cli>gets a value from the URL query\u003C\u002Fli>\n\u003Cli>gets a value from a cookie\u003C\u002Fli>\n\u003Cli>gets the current user’s info\u003C\u002Fli>\n\u003Cli>generates a unique identifier (GUID)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For dynamic fields that are page-specific, it’s perfectly safe to cache those values. For example, dynamic form fields that:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>getting the page or post’s ID, title, or slug\u003C\u002Fli>\n\u003Cli>getting post meta for the current page\u003C\u002Fli>\n\u003Cli>getting the post’s assigned categories, tags, or other custom taxonomy\u003C\u002Fli>\n\u003Cli>getting site info\u003C\u002Fli>\n\u003Cli>getting theme modification values\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Note: Enabling a dynamic field to be calculated after the page loads will add frontend JavaScript. Depending on the shortcode used as the dynamic value, an AJAX call to the server may be sent to be processed. The script is minified and loaded in the footer and is deferred, minimizing impact on site performance and the AJAX calls are called asynchronously to avoid being a render-blocking resource and minimizing main-thread work. The script itself can be safely cached too.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fform-tag-attribute-after-page-load\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Read Only Form Fields\u003C\u002Fh4>\n\u003Cp>Check this box if you do not want to let users edit this field. It will add the \u003Ccode>readonly\u003C\u002Fcode> attribute to the input form field. This feature is not available for dynamic hidden form tags.\u003C\u002Fp>\n\u003Ch4>Obfuscate Values for Enhanced Privacy\u003C\u002Fh4>\n\u003Cp>If you’re pre-filling a form field with an email address, bots can scrape that value from the page and use it for spam. You can add an additional layer of protecting by obfuscating the value, which turns each character into it’s ASCII code. To the human eye, it looks like the character it’s supposed to be because browsers will render the ASCII code, but for bots, it won’t look like an email address!\u003C\u002Fp>\n\u003Ch3>HOW TO USE IT\u003C\u002Fh3>\n\u003Cp>After installing and activating the plugin, you will have 2 new tag types to select from when creating or editing a Contact Form 7 form: the dynamic text field and dynamic hidden field. Most of the options in their tag generators will be familiar to Contact Form 7 users but there have been some upgrades.\u003C\u002Fp>\n\u003Ch4>How to Obfuscate Values\u003C\u002Fh4>\n\u003Cp>All of the shortcodes included with the DTX plugin allow the \u003Ccode>obfuscate\u003C\u002Fcode> attribute that you can set to any truthy value to provide an additional layer of security for sensitive data.\u003C\u002Fp>\n\u003Cp>The Contact Form 7 tag with obfuscation turned on would look like this: \u003Ccode>[dynamictext user_email \"CF7_get_current_user key='user_email' obfuscate='on'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>How to Enable Cache-Friendly Mode\u003C\u002Fh4>\n\u003Cp>All of the dynamic form tags can be enabled for processing on the frontend of the website, or the client-side, by adding the \u003Ccode>dtx_pageload\u003C\u002Fcode> attribute to the Contact Form 7 form tag.\u003C\u002Fp>\n\u003Cp>In the form editor of Contact Form 7, your form tag would look like: \u003Ccode>[dynamictext current_url dtx_pageload \"CF7_URL\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>If using the tag generator, it’s as simple as checking a box!\u003C\u002Fp>\n\u003Ch3>INCLUDED SHORTCODES\u003C\u002Fh3>\n\u003Cp>The plugin includes several shortcodes for use with the Dynamic Text Extension right out of the box. You can write your own as well—any self-closing shortcode will work, even with attributes!\u003C\u002Fp>\n\u003Ch4>Current URL or Part\u003C\u002Fh4>\n\u003Cp>Retrieve the current URL: \u003Ccode>CF7_URL\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>In the form editor of Contact Form 7, your form tag would look like: \u003Ccode>[dynamictext dynamicname \"CF7_URL\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Optional parameter: \u003Ccode>part\u003C\u002Fcode>, which will return a parsed part of the URL.  Valid values are \u003Ccode>host\u003C\u002Fcode>, \u003Ccode>query\u003C\u002Fcode>, and \u003Ccode>path\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Host: Just the domain name and tld\u003Cbr \u002F>\n    [dynamictext host “CF7_URL part=’host'”]\u003C\u002Fp>\n\u003Cp>Query: The query string after the ?, if one exists\u003Cbr \u002F>\n    [dynamictext query “CF7_URL part=’query'”]\u003C\u002Fp>\n\u003Cp>Path: The URL path, for example, \u002Fcontact, if one exists\u003Cbr \u002F>\n    [dynamictext path “CF7_URL part=’path'”]\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-current-url\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Referrer URL\u003C\u002Fh4>\n\u003Cp>Get the referral URL, if it exists. Note that this is not necessarily reliable as not all browsers send this data.\u003C\u002Fp>\n\u003Cp>CF7 Tag: \u003Ccode>[dynamictext dynamicname \"CF7_referrer\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-referrer-url\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Current Page Variables\u003C\u002Fh4>\n\u003Cp>Retrieve information about the current page that the contact form is displayed on. Works great for use in templated areas like the site header, footer, widget, or sidebar! The shortcode works as follows:\u003C\u002Fp>\n\u003Cp>Built-in shortcode: \u003Ccode>CF7_get_current_var\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Required attribute: \u003Ccode>key\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Possible values for \u003Ccode>key\u003C\u002Fcode> include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>id\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>title\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>url\u003C\u002Fcode> (an alias for \u003Ccode>CF7_URL\u003C\u002Fcode>)\u003C\u002Fli>\n\u003Cli>\u003Ccode>slug\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>featured_image\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>terms\u003C\u002Fcode> (an alias for \u003Ccode>CF7_get_taxonomy\u003C\u002Fcode>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For pages that use a \u003Ccode>WP_POST\u003C\u002Fcode> object, this acts as an alias for \u003Ccode>CF7_get_post_var\u003C\u002Fcode> so those attributes work here as well.\u003C\u002Fp>\n\u003Cp>For author pages, this acts as an alias for \u003Ccode>CF7_get_current_user\u003C\u002Fcode> so those attributes work here as well.\u003C\u002Fp>\n\u003Cp>In the form editor of Contact Form 7, your form tag’s value could look like: \u003Ccode>CF7_get_current_var key='title'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>And then the full form tag would be: \u003Ccode>[dynamictext dynamicname \"CF7_get_current_var key='title'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-current-variables\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Post\u002FPage Info\u003C\u002Fh4>\n\u003Cp>Retrieve information about the current post or page (must be for a WP_POST object) that the contact form is displayed on. The shortcode works as follows:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>CF7_get_post_var key='title'      \u003C-- retrieves the Post's Title\nCF7_get_post_var key='slug'       \u003C-- retrieves the Post's Slug\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>You can also retrieve any parameter from the global \u003Ccode>$post\u003C\u002Fcode> object. Just set that as the \u003Ccode>key\u003C\u002Fcode> value, for example \u003Ccode>post_date\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>The Contact Form 7 Tag would look like: \u003Ccode>[dynamictext dynamicname \"CF7_get_post_var key='title'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Need to pull data from a \u003Cem>different\u003C\u002Fem> post\u002Fpage? Not a problem! Just specify it’s post ID like this:\u003C\u002Fp>\n\u003Cp>Dynamic value: \u003Ccode>CF7_get_post_var key='title' post_id='245'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Contact Form 7 Tag: \u003Ccode>[dynamictext dynamicname \"CF7_get_post_var key='title' post_id='245'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-post-page-variables\u002F\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Post Meta & Custom Fields\u003C\u002Fh4>\n\u003Cp>Retrieve custom fields from the current post\u002Fpage. Just set the custom field as the key in the shortcode.\u003C\u002Fp>\n\u003Cp>Note: You must add any meta keys that you want to allow access to to the allow list in your admin panel > Contact > Dynamic Text Extension > Meta Key Allow List.  \u003Ca href=\"https:\u002F\u002Fsevenspark.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fallow-data-access\" rel=\"nofollow ugc\">More Information\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The dynamic value input becomes: \u003Ccode>CF7_get_custom_field key='my_custom_field'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>And the tag looks like this: \u003Ccode>[dynamictext dynamicname \"CF7_get_custom_field key='my_custom_field'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>For the purposes of including an email address, you can obfuscate the custom field value by setting obfuscate=’on’ in the shortcode like this:\u003Cbr \u002F>\n    [dynamictext dynamicname “CF7_get_custom_field key=’my_custom_field’ obfuscate=’on'”]\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-post-meta-custom-fields\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Featured Images & Media Attachments\u003C\u002Fh4>\n\u003Cp>Retrieve the current post’s featured image, the featured image of a different page, or any attachment from the Media Library with this shortcode!\u003C\u002Fp>\n\u003Cp>The base shortcode is simply: \u003Ccode>CF7_get_attachment\u003C\u002Fcode> which returns the absolute URL of the current page’s featured image.\u003C\u002Fp>\n\u003Cp>By setting the \u003Ccode>post_id\u003C\u002Fcode> attribute to a post ID, you can get the featured image of another page.\u003C\u002Fp>\n\u003Cp>By setting the \u003Ccode>id\u003C\u002Fcode> attribute to an attachment ID, you can get the absolute URL of any image uploaded to your WordPress website.\u003C\u002Fp>\n\u003Cp>By setting the \u003Ccode>size\u003C\u002Fcode> attribute to any size registered on your website, you can get a specific image size.\u003C\u002Fp>\n\u003Cp>Want to return the attachment ID instead of the URL? Also not a problem! Just set \u003Ccode>return='id'\u003C\u002Fcode> in the shortcode.\u003C\u002Fp>\n\u003Cp>Most of the optional attributes can be used at the same time. For example, if I wanted to retrieve the attachment ID of a featured image for a different post, then the dynamic text form tag would look like this:\u003Cbr \u002F>\n    [dynamictext input_name “CF7_get_attachment post_id=’123′ return=’id'”]\u003C\u002Fp>\n\u003Cp>If I wanted to get a specific image at a specific size, I can use this:\u003Cbr \u002F>\n    [dynamictext input_name “CF7_get_attachment id=’123′ size=’thumbnail'”]\u003C\u002Fp>\n\u003Cp>The only two attributes that can’t play together is \u003Ccode>id\u003C\u002Fcode> and \u003Ccode>post_id\u003C\u002Fcode>. If both are specified, it will get the attachment specified by \u003Ccode>id\u003C\u002Fcode> and completely ignore the \u003Ccode>post_id\u003C\u002Fcode> attribute. If neither are specified, then it looks to the current featured image assigned to the global \u003Ccode>$post\u003C\u002Fcode> object.\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-media-attachment\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Current User Info & User Meta\u003C\u002Fh4>\n\u003Cp>Get data about the current logged-in user.\u003C\u002Fp>\n\u003Cp>Dynamic value: \u003Ccode>CF7_get_current_user key='user_displayname'\u003C\u002Fcode>\u003Cbr \u002F>\nCF7 Tag: \u003Ccode>[dynamictext dynamicname \"CF7_get_current_user\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Note: You must add any user keys that you want to allow access to to the allow list in your admin panel > Contact > Dynamic Text Extension > User Data Key Allow List.  \u003Ca href=\"https:\u002F\u002Fsevenspark.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fallow-data-access\" rel=\"nofollow ugc\">More Information\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Valid values for \u003Ccode>key\u003C\u002Fcode> include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ccode>ID\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>user_login\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>display_name\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>user_email\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>user_firstname\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>user_lastname\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>\u003Ccode>user_description\u003C\u002Fcode>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>But also custom meta user keys!\u003C\u002Fp>\n\u003Cp>For the purposes of including an email address, you can obfuscate the value by setting obfuscate=’on’ in the shortcode like this:\u003Cbr \u002F>\n    [dynamictext dynamicname “CF7_get_current_user key=’user_email’ obfuscate=’on'”]\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-current-user-user-meta\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Site\u002FBlog Info\u003C\u002Fh4>\n\u003Cp>Want to grab some information from your blog like the URL or the site name? Use the \u003Ccode>CF7_bloginfo\u003C\u002Fcode> shortcode. For example, to get the site’s URL:\u003C\u002Fp>\n\u003Cp>Enter the following into the “Dynamic Value” input: \u003Ccode>CF7_bloginfo show='url'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your Content Form 7 Tag will look something like this: \u003Ccode>[dynamictext dynamicname \"CF7_bloginfo show='url'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your form’s dynamicname text input will then be pre-populated with your site’s URL\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-site-blog-information\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Theme Options\u003C\u002Fh4>\n\u003Cp>Want to retrieve values from your active theme’s Customizer? Now you can with the \u003Ccode>CF7_get_theme_option\u003C\u002Fcode> shortcode.\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-theme-option\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>HTTP GET Variables\u003C\u002Fh4>\n\u003Cp>Want to use a variable from the PHP \u003Ccode>$_GET\u003C\u002Fcode> array? Just use the \u003Ccode>CF7_GET\u003C\u002Fcode> shortcode. For example, if you want to get the foo parameter from the url\u003Cbr \u002F>\n    http:\u002F\u002Fmysite.com?foo=bar\u003C\u002Fp>\n\u003Cp>Enter the following into the “Dynamic Value” input: \u003Ccode>CF7_GET key='foo'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your Content Form 7 Tag will look something like this: \u003Ccode>[dynamictext dynamicname \"CF7_GET key='foo'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your form’s dynamicname text input will then be pre-populated with the value of \u003Ccode>foo\u003C\u002Fcode>, in this case, \u003Ccode>bar\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-php-get-variables\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>HTTP POST Variables\u003C\u002Fh4>\n\u003Cp>Grab variables from the PHP \u003Ccode>$_POST\u003C\u002Fcode> array. The shortcode is much like the GET shortcode:\u003C\u002Fp>\n\u003Cp>Dynamic value: \u003Ccode>CF7_POST key='foo'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your Content Form 7 Tag will look something like this: \u003Ccode>[dynamictext dynamicname \"CF7_POST key='foo'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-php-post-variables\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Cookie Values\u003C\u002Fh4>\n\u003Cp>If your WordPress website uses cookies, you might want to pull the value of a specific cookie into a form. You can do that with the \u003Ccode>CF7_get_cookie\u003C\u002Fcode> shortcode. It only needs a \u003Ccode>key\u003C\u002Fcode> attribute.\u003C\u002Fp>\n\u003Cp>Dynamic value: \u003Ccode>CF7_get_cookie key='foo'\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Your Content Form 7 Tag will look something like this: \u003Ccode>[dynamictext dynamicname \"CF7_get_cookie key='foo'\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-cookie\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>GUID\u003C\u002Fh4>\n\u003Cp>Generate a globally unique identifier (GUID) in a form field. This is a great utility shortcode for forms that need unique identifiers for support tickets, receipts, reference numbers, etc., without having to expose personally identifiable information (PII). This shortcode takes no parameters: \u003Ccode>CF7_guid\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>In the form editor of Contact Form 7, your form tag would look like: \u003Ccode>[dynamictext dynamicname \"CF7_guid\"]\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Learn more and see examples from \u003Ca href=\"https:\u002F\u002Faurisecreative.com\u002Fdocs\u002Fcontact-form-7-dynamic-text-extension\u002Fshortcodes\u002Fdtx-shortcode-guid\u002F?utm_source=wordpress.org&utm_medium=link&utm_campaign=contact-form-7-dynamic-text-extension&utm_content=readme\" rel=\"nofollow ugc\">the DTX Knowledge base\u003C\u002Fa>.\u003C\u002Fp>\n","Extends Contact Form 7 by adding dynamic form fields that accepts shortcodes to prepopulate form fields with default values and dynamic placeholders.",100000,1907545,94,100,"2026-02-17T14:33:00.000Z","6.9.4","5.5","7.4",[20,21,22,23,24],"autofill","contact-form-7","dynamic-form","form-field","prepopulate","https:\u002F\u002Faurisecreative.com\u002Fproducts\u002Fwordpress-plugin\u002Fcontact-form-7-dynamic-text-extension\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-dynamic-text-extension.5.0.5.zip",74,6,1,"2025-09-26 00:00:00","2026-03-15T15:16:48.613Z",[33,47,62,75,88,103],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":38,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":38},"CVE-2025-63068","contact-form-7-dynamic-text-extension-unauthenticated-arbitrary-shortcode-execution","Contact Form 7 – Dynamic Text Extension \u003C= 5.0.3 - Unauthenticated Arbitrary Shortcode Execution","The The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.",null,"\u003C=5.0.3","medium",6.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:N","Improper Control of Generation of Code ('Code Injection')","2026-01-07 14:40:59",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8584e86d-bafe-4032-9483-c92ecb28ab9c?source=api-prod",{"id":48,"url_slug":49,"title":50,"description":51,"plugin_slug":4,"theme_slug":38,"affected_versions":52,"patched_in_version":53,"severity":40,"cvss_score":54,"cvss_vector":55,"vuln_type":56,"published_date":57,"updated_date":58,"references":59,"days_to_patch":61},"CVE-2024-56218","contact-form-7-dynamic-text-extension-cross-site-request-forgery","Contact Form 7 Dynamic Text Extension \u003C= 5.0.1 - Cross-Site Request Forgery","The Contact Form 7 Dynamic Text Extension plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.0.1. This is due to missing or incorrect nonce validation on the render_options_page() function. This makes it possible for unauthenticated attackers to trigger scans via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=5.0.1","5.0.2",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-12-19 00:00:00","2025-01-08 15:19:08",[60],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc74bf337-9b8b-4461-897a-b49b0077580d?source=api-prod",21,{"id":63,"url_slug":64,"title":65,"description":66,"plugin_slug":4,"theme_slug":38,"affected_versions":67,"patched_in_version":68,"severity":40,"cvss_score":54,"cvss_vector":69,"vuln_type":70,"published_date":71,"updated_date":72,"references":73,"days_to_patch":29},"CVE-2024-10084","contact-form-7-dynamic-text-extension-information-disclosure-via-shortcode","Contact Form 7 – Dynamic Text Extension \u003C= 4.5 - Information Disclosure via Shortcode","The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract the titles and text contents of private and password-protected posts, they do not own.","\u003C=4.5","4.5.1","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Exposure of Sensitive Information to an Unauthorized Actor","2024-11-05 09:02:37","2024-11-05 21:29:17",[74],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fe051a83e-ad5a-4789-bfee-e03aa9d6a3fc?source=api-prod",{"id":76,"url_slug":77,"title":78,"description":79,"plugin_slug":4,"theme_slug":38,"affected_versions":80,"patched_in_version":81,"severity":40,"cvss_score":54,"cvss_vector":69,"vuln_type":82,"published_date":83,"updated_date":84,"references":85,"days_to_patch":87},"CVE-2023-6630","contact-form-7-dynamic-text-extension-insecure-direct-object-reference","Contact Form 7 – Dynamic Text Extension \u003C= 4.1.0 - Insecure Direct Object Reference","The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1.0 via the CF7_get_custom_field and CF7_get_current_user shortcodes due to missing validation on a user controlled key. This makes it possible for authenticated attackers with contributor access or higher to access arbitrary metadata of any post type, referencing the post by id and the meta by key.","\u003C=4.1.0","4.2.0","Exposure of Private Personal Information to an Unauthorized Actor","2024-01-10 00:00:00","2024-07-29 21:37:01",[86],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fa3f1d836-da32-414f-9f2b-d485c44b2486?source=api-prod",202,{"id":89,"url_slug":90,"title":91,"description":92,"plugin_slug":4,"theme_slug":38,"affected_versions":93,"patched_in_version":94,"severity":40,"cvss_score":95,"cvss_vector":96,"vuln_type":97,"published_date":98,"updated_date":99,"references":100,"days_to_patch":102},"WF-fa821005-9593-4a84-b4b4-af746da4d6b9-contact-form-7-dynamic-text-extension","contact-form-7-dynamic-text-extension-authenticated-contributor-stored-cross-site-scripting-via-shortcode","Contact Form 7 Dynamic Text Extension \u003C= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode","The Contact Form 7 Dynamic Text Extension plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page","\u003C=2.0.3","3.0.0",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2023-01-19 00:00:00","2024-01-22 19:56:02",[101],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ffa821005-9593-4a84-b4b4-af746da4d6b9?source=api-prod",369,{"id":104,"url_slug":105,"title":106,"description":107,"plugin_slug":4,"theme_slug":38,"affected_versions":108,"patched_in_version":109,"severity":40,"cvss_score":110,"cvss_vector":111,"vuln_type":97,"published_date":112,"updated_date":99,"references":113,"days_to_patch":115},"WF-59cefa5d-f270-48e1-bb3e-98f710a055d8-contact-form-7-dynamic-text-extension","contact-form-7-dynamic-text-extension-reflected-cross-site-scripting","Contact Form 7 Dynamic Text Extension \u003C 2.0.3 - Reflected Cross-Site Scripting","The Contact Form 7 Dynamic Text Extension plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘key’ parameter in versions before 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C2.0.3","2.0.3",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2019-07-24 00:00:00",[114],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F59cefa5d-f270-48e1-bb3e-98f710a055d8?source=api-prod",1644,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":28,"total_installs":117,"avg_security_score":118,"avg_patch_time_days":119,"trust_score":120,"computed_at":121},126300,89,395,71,"2026-04-03T21:33:25.192Z",[123,145,163,187,205],{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":131,"downloaded":132,"rating":133,"num_ratings":133,"last_updated":134,"tested_up_to":135,"requires_at_least":136,"requires_php":137,"tags":138,"homepage":142,"download_link":143,"security_score":144,"vuln_count":133,"unpatched_count":133,"last_vuln_date":38,"fetched_at":31},"contact-form-7-wysiwyg-field","Contact Form 7 : Wysiwyg Field","1.5","Nicolas GRILLET","https:\u002F\u002Fprofiles.wordpress.org\u002Fnicoss01\u002F","\u003Cp>Add wysiwyg fields to the popular Contact Form 7 plugin.\u003Cbr \u002F>\nThis field use the default WYSIWYG editor set in WordPress parameters.\u003Cbr \u002F>\nYou just have to install this plugin to add a new field type in Contact form 7 fields.\u003C\u002Fp>\n","Add wysiwyg fields to the popular Contact Form 7 plugin.",20,4121,0,"2014-09-16T13:29:00.000Z","4.0.38","3.8.1","",[21,139,140,23,141],"editor-field","field","wisiwyg","http:\u002F\u002Fwww.devictio.fr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-wysiwyg-field.zip",85,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":137,"short_description":151,"active_installs":152,"downloaded":153,"rating":133,"num_ratings":133,"last_updated":154,"tested_up_to":155,"requires_at_least":156,"requires_php":137,"tags":157,"homepage":161,"download_link":162,"security_score":144,"vuln_count":133,"unpatched_count":133,"last_vuln_date":38,"fetched_at":31},"autofill-cf7-bb","autofill-CF7-BB","1.0.1","Billyben","https:\u002F\u002Fprofiles.wordpress.org\u002Fbillyben\u002F","Add shortcode for fields autofill of Contact Form 7 plugin by URL get variable, by Id or by value, or add new value(s).",10,2436,"2012-06-05T10:28:00.000Z","3.3.2","2.8.1",[20,21,158,159,160],"get","select","url","http:\u002F\u002Fwww.etherocliquecite.eu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fautofill-cf7-bb.1.0.1.zip",{"slug":164,"name":165,"version":166,"author":167,"author_profile":168,"description":169,"short_description":170,"active_installs":171,"downloaded":172,"rating":14,"num_ratings":173,"last_updated":174,"tested_up_to":16,"requires_at_least":175,"requires_php":176,"tags":177,"homepage":182,"download_link":183,"security_score":184,"vuln_count":185,"unpatched_count":133,"last_vuln_date":186,"fetched_at":31},"contact-form-cfdb7","Database Addon for Contact Form 7 – CFDB7","1.3.5","Arshid","https:\u002F\u002Fprofiles.wordpress.org\u002Farshidkv12\u002F","\u003Cp>The “CFDB7” plugin saves contact form 7 submissions to your WordPress database. Export the data to a CSV file.\u003Cbr \u002F>\nBy simply installing the plugin, it will automatically begin to capture form submissions from contact form 7.\u003C\u002Fp>\n\u003Ch4>Features of CFDB 7\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>No configuration is needed\u003C\u002Fli>\n\u003Cli>Save Contact Form 7 form submitted data to the database.\u003C\u002Fli>\n\u003Cli>Single database table for all contact form 7 forms\u003C\u002Fli>\n\u003Cli>Easy to use and lightweight plugin\u003C\u002Fli>\n\u003Cli>Developer friendly & easy to customize\u003C\u002Fli>\n\u003Cli>Display all created contact form 7 form list.\u003C\u002Fli>\n\u003Cli>Export CF7 DB (CF7 Database – cf7db) data in CSV file\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Form Email Testing Tool\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmailmug.net\" rel=\"nofollow ugc\">MailMug – SMTP Sandbox\u003C\u002Fa> \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpostbox-email-logs\u002F\" rel=\"ugc\">PostBox Email Log\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp-mailer\u002F\" rel=\"ugc\">WP mail smtp\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Pro Addons\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fpublic-export-csv\u002F\" rel=\"nofollow ugc\">Scheduled CSV Export\u003C\u002Fa>\u003Cbr \u002F>\nAutomatically export CFDB7 form entries to CSV on a schedule\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fcontact-form-7-column-base-mysql-database-addon\u002F\" rel=\"nofollow ugc\">Advanced MYSQL DB\u003C\u002Fa>\u003Cbr \u002F>\nSeparate MySQL column for each cf7 input field\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fexcel-xlsx-spreadsheet\u002F\" rel=\"nofollow ugc\">Excel Spreadsheet (XLSX) Extension\u003C\u002Fa>\u003Cbr \u002F>\nConnect CFDB7 to an external database or another DB\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Ffiledrop-contact-form-7\u002F\" rel=\"nofollow ugc\">Drag & Drop File Upload\u003C\u002Fa>\u003Cbr \u002F>\nContact form 7 drag and drop files upload plugin.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fcfdb7-unique-field\u002F\" rel=\"nofollow ugc\">Already Submitted?\u003C\u002Fa>\u003Cbr \u002F>\nTrigger error if a field is already submitted\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fcf7-popup-message\u002F\" rel=\"nofollow ugc\">Popup Message\u003C\u002Fa>\u003Cbr \u002F>\nReplace your validation and success messages with beautiful popup messages to attract visitors.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fcfdb7-export-pdf-addon\u002F\" rel=\"nofollow ugc\">Export PDF File\u003C\u002Fa>\u003Cbr \u002F>\nEasy to export contact forms from database to PDF file\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fdownloads\u002Fcfdb7-import-csv-to-database\u002F\" rel=\"nofollow ugc\">Import CSV to Database\u003C\u002Fa>\u003Cbr \u002F>\nImport data from the CSV file to the CFDB7 database\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Support : \u003Ca href=\"https:\u002F\u002Fwww.ciphercoin.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">http:\u002F\u002Fwww.ciphercoin.com\u002Fcontact\u002F\u003C\u002Fa>\u003Cbr \u002F>\nExtensions : \u003Ca href=\"https:\u002F\u002Fciphercoin.com\u002Fcontact-form-7-database-cfdb7-add-ons\u002F\" rel=\"nofollow ugc\">Contact form 7 more Add-ons\u003C\u002Fa>\u003C\u002Fp>\n","Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.",600000,8110668,1872,"2026-02-01T07:36:00.000Z","4.8","7.0",[178,179,21,180,181],"cf7","cf7-database","contact-form-7-db","wpcf7","https:\u002F\u002Fciphercoin.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-cfdb7.1.3.5.zip",90,7,"2025-07-03 21:37:34",{"slug":188,"name":189,"version":190,"author":191,"author_profile":192,"description":193,"short_description":194,"active_installs":195,"downloaded":196,"rating":14,"num_ratings":118,"last_updated":197,"tested_up_to":198,"requires_at_least":199,"requires_php":137,"tags":200,"homepage":137,"download_link":204,"security_score":14,"vuln_count":133,"unpatched_count":133,"last_vuln_date":38,"fetched_at":31},"wpcf7-recaptcha","ReCaptcha v2 for Contact Form 7","1.4.9","IQComputing","https:\u002F\u002Fprofiles.wordpress.org\u002Fiqcomputing\u002F","\u003Cp>Contact Form 7 v5.1 dropped support for reCaptcha v2 along with the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag December 2018. This plugin brings that functionality back from Contact Form 7 5.0.5 and re-adds the \u003Ccode>[recaptcha]\u003C\u002Fcode> tag.\u003C\u002Fp>\n\u003Cp>If this plugin is installed before updating Contact Form 7 from v5.0.5 to v5.1.1 then it will carry over your old API keys. At that point you will just need to head to this plugins settings page to tell the website to use reCaptcha v2.\u003C\u002Fp>\n\u003Cp>Once installed and configured it should be the same reCaptcha functionality you are used to in previous versions of Contact Form 7.\u003C\u002Fp>\n\u003Ch3>IQComputing\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Like us on \u003Ca href=\"https:\u002F\u002Fwww.facebook.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Facebook\" rel=\"nofollow ugc\">Facebook\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Follow us on \u003Ca href=\"https:\u002F\u002Ftwitter.com\u002Fiqcomputing\u002F\" title=\"IQComputing on Twitter\" rel=\"nofollow ugc\">Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Fork on \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FIQComputing\u002Fwpcf7-recaptcha\" title=\"IQComputing on Github\" rel=\"nofollow ugc\">Github\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1",200000,3905275,"2025-04-15T22:52:00.000Z","6.7.5","4.9",[21,201,202,203],"contact-form-7-recaptcha","recaptcha","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-recaptcha.1.4.9.zip",{"slug":206,"name":207,"version":208,"author":209,"author_profile":210,"description":211,"short_description":212,"active_installs":195,"downloaded":213,"rating":13,"num_ratings":214,"last_updated":215,"tested_up_to":16,"requires_at_least":216,"requires_php":137,"tags":217,"homepage":137,"download_link":223,"security_score":224,"vuln_count":225,"unpatched_count":133,"last_vuln_date":226,"fetched_at":31},"wpcf7-redirect","Redirection for Contact Form 7","3.2.9","Themeisle","https:\u002F\u002Fprofiles.wordpress.org\u002Fthemeisle\u002F","\u003Cp>Redirection for Contact Form 7 enhances your forms with essential post-submission actions all in one plugin. Store form entries in your database, redirect users to any page or URL, send email notifications, block spam with honeypot protection, and help with GDPR compliance through data export\u002Ferase requests.\u003C\u002Fp>\n\u003Cp>Want more power? Our PRO version includes JavaScript execution after submission, webhook integration for third-party services, conditional logic based on user input, frontend post creation, PDF generation from form data, and seamless integrations with popular services like Mailchimp, PayPal, Stripe, HubSpot, Salesforce, and Twilio.\u003C\u002Fp>\n\u003Ch3>🔗 HELPFUL LINKS:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Need any help with setup? \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2014-redirection-for-contact-form-7\" rel=\"nofollow ugc\">CHECK DOCUMENTATION\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Interested in Redirection For CF7 Pro? \u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fplugins\u002Fwpcf7-redirect\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=wpcf-7readme&utm_campaign=pro-cta\" rel=\"nofollow ugc\">LEARN MORE\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>USAGE\u003C\u002Fh3>\n\u003Cp>Simply go to your form settings, select the “Action” tab, and add additional Submission Actions based on your requirements.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>NOTE:\u003C\u002Fstrong> This plugin requires CF7 version 4.8 or later.\u003C\u002Fp>\n\u003Ch3>🤝 HOW REDIRECTION FOR CF7 CAN HELP YOU:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Redirect to Any URL:\u003C\u002Fstrong> Easily redirect users to any specific webpage after form submission, enhancing user navigation and experience.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Open Page in a New Tab:\u003C\u002Fstrong> Configure forms to open the target URL in a new tab, keeping your site accessible to users post-submission.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Pass Fields from the Form as URL Query Parameters:\u003C\u002Fstrong> Seamlessly append submitted form data to the URL as query parameters, enabling personalized follow-up pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Add Honeypot to Minimize Spam:\u003C\u002Fstrong> Integrate a honeypot technique in your forms to prevent spam without affecting user experience.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Save Form Submissions to Your Database:\u003C\u002Fstrong> Automatically store all form submissions in your database, ensuring no data loss and facilitating easy back-referencing.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>GDPR Compliance – Create Erase Personal Data Request:\u003C\u002Fstrong> Allow users to initiate requests for erasing their personal data, ensuring compliance with GDPR mandates.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>GDPR Compliance – Create Export Personal Data Request:\u003C\u002Fstrong> Enable users to request exports of their personal data, supporting transparency and adherence to GDPR guidelines.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🤩 GET MORE FEATURES WITH REDIRECTION FOR CF7 PRO\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Add Conditional Logic:\u003C\u002Fstrong> Enhance your submission actions with the Conditional Logic of Actions Extension. Set If\u002FOr rules based on user inputs to manage powerful conditional rules effectively.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Run JavaScript After Form Submission:\u003C\u002Fstrong> Execute custom JavaScript code after a form is submitted, ideal for tracking conversions and integrating with analytics tools.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Create and Send PDF:\u003C\u002Fstrong> Add the option to generate and send PDF using the submitted form fields.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Frontend Publishing:\u003C\u002Fstrong> Add the ability to allow your users to publish posts from your website front-end.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Webhook Integration:\u003C\u002Fstrong> Supercharge your forms with advanced Webhook support—seamlessly connect to third-party apps using POST, GET, DELETE, and PATCH methods, with full compatibility for PARAMS, JSON, and XML formats.Empower your forms with advanced Webhook integration, supporting POST, GET, DELETE, PATCH methods and PARAMS, JSON, and XML formats for comprehensive connectivity with third party apps.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Add a Thank You Popup:\u003C\u002Fstrong> Add the ability to thank your users with a noticeably designed thank-you popup.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Integrate with Mailchimp:\u003C\u002Fstrong> Add the ability to register submitted forms to any of your MailChimp lists.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Integrate PayPal & Stripe:\u003C\u002Fstrong> Collect payments from your users by redirecting them to PayPal or Stripe.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Integrate with HubSpot CRM:\u003C\u002Fstrong> Add the ability to send form submissions from Contact Form 7 to HubSpot CRM.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Integrate with Salesforce CRM:\u003C\u002Fstrong> Add the ability to send submission forms from Contact Form 7 to Salesforce CRM.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>SMS with Twilio Integration:\u003C\u002Fstrong> Add the ability to send SMS messages to your users or notifications to yourself using Twilio.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Unlock these premium features and more with \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fplugins\u002Fwpcf7-redirect\u002Fupgrade\u002F?utm_source=wordpressorg&utm_medium=wpcf-7readme&utm_campaign=unlock-pro-cta\" rel=\"nofollow ugc\">Redirection for CF7 PRO\u003C\u002Fa>!\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Still have questions?\u003C\u002Fstrong> Ask your pre-sales questions \u003Cstrong>\u003Ca href=\"https:\u002F\u002Fthemeisle.com\u002Fcontact\u002F?utm_source=wordpressorg&utm_medium=wpcf-7readme&utm_campaign=pre-sales\" rel=\"nofollow ugc\">here\u003C\u002Fa>\u003C\u002Fstrong>, and we will get back to you promptly. Or, purchase with confidence and try it for yourself—we offer a \u003Cstrong>30-day no-questions-asked 100% money-back guarantee\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>🤔 WHAT YOU CAN DO WITH REDIRECTION FOR CF7:\u003C\u002Fh3>\n\u003Cp>Redirection for Contact Form 7 opens up a world of opportunities! Explore how different audiences can leverage its features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>📦 E-commerce Sites:\u003C\u002Fstrong> Automate order confirmations and updates through SMS with the Twilio integration, providing customers with real-time updates directly on their phones.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🫶 Non-Profit Organizations:\u003C\u002Fstrong> Enhance donor engagement by redirecting donors to personalized thank you pages using Conditional Logic, and manage GDPR compliance with data export and erase requests.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🏠 Real Estate Agencies:\u003C\u002Fstrong> Direct potential clients to a customized URL after form submission, showcasing specific property details or offers based on the input from inquiry forms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🛠️ Tech Support Services:\u003C\u002Fstrong> Link form submissions with Salesforce or HubSpot CRM to automatically create support tickets and manage follow-up actions efficiently.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📚 Education Providers:\u003C\u002Fstrong> Implement the Frontend Publishing feature to allow students to submit assignments and projects directly through forms, making submission processes smoother and more organized.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📈 Marketing Teams:\u003C\u002Fstrong> Capture lead information and automatically add it to a Mailchimp email list for subsequent marketing campaigns, ensuring seamless integration with your digital marketing strategies.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>💵 Freelancers and Consultants:\u003C\u002Fstrong> Offer a streamlined payment process by integrating with PayPal and Stripe, allowing clients to pay for services directly through the submission form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>📝 Bloggers and Influencers:\u003C\u002Fstrong> Manage user-generated content by enabling frontend post submissions, allowing followers to contribute stories, photos, or feedback directly on the website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>✨ YOU SHOULD USE REDIRECTION WITH CF7 IF:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>You Want to Personalize User Journeys:\u003C\u002Fstrong> Provide a tailored experience by redirecting users to pages that fit their needs.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>You Aim to Automate Processes:\u003C\u002Fstrong> Simplify workflows by directing users to relevant resources or actions after form submission.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>You Seek to Increase Engagement:\u003C\u002Fstrong> Capture user interest by guiding them to content or offers that resonate with them.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>You Need to Optimize Conversions:\u003C\u002Fstrong> Redirect users to strategically designed pages to maximize conversion opportunities.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>You Plan to Manage Leads Efficiently:\u003C\u002Fstrong> Ensure leads are channeled to the right destination for effective handling and follow-up.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>👋 WE’RE HERE FOR YOU, AND WE TAKE ALL FEEDBACK SERIOUSLY\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>📚 Knowledge Base:\u003C\u002Fstrong> We’ve created a complete \u003Ca href=\"https:\u002F\u002Fdocs.themeisle.com\u002Fcollection\u002F2014-redirection-for-contact-form-7\" rel=\"nofollow ugc\">documentation\u003C\u002Fa> library and we’re still constantly updating with new tutorials.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>🦸 Support forum:\u003C\u002Fstrong> We’re here to help. Feel free to open a new thread on the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fwpcf7-redirect\u002F\" rel=\"ugc\">Support Forum\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🎙️ SEE WHAT REAL USERS TALK ABOUT US\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fvery-nice-and-helpful-plugin-5\u002F\" rel=\"ugc\">Very nice and helpful plugin\u003C\u002Fa> – “This is a very helpful plugin. It makes my task much easier and it is also very nice for website users to be redirected to the summary page of their entries.”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fworks-like-a-charm-2147\u002F\" rel=\"ugc\">Works like a charm 🙂\u003C\u002Fa> – “What else to say? When a customer submits a form, it fluently redirects him\u002Fher to specific url when I say “Thank you for submitting the form, we will contact you later…”. So thank you very much creators!”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002F5-stars-533\u002F\" rel=\"ugc\">5 star\u003C\u002Fa> – “Working with Conversion tracking and I like the fact that you can pull the contact form fields in that you want to show on the Thank you page. Everything works fantatic.”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Freally-useful-311\u002F\" rel=\"ugc\">Really useful!\u003C\u002Fa> – “Just chiming in with a positive review. Works great, and has been for a while now. Thanks so much!!”\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.",5558034,270,"2026-02-10T10:48:00.000Z","5.1",[218,219,220,221,222],"cf7-redirect","contact-form-7-mailchimp","contact-form-7-paypal","redirect-cf7","redirect-to-url","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpcf7-redirect.3.2.9.zip",88,14,"2025-12-20 18:43:20",{"attackSurface":228,"codeSignals":373,"taintFlows":425,"riskAssessment":473,"analyzedAt":487},{"hooks":229,"ajaxHandlers":310,"restRoutes":319,"shortcodes":320,"cronEvents":371,"entryPointCount":372,"unprotectedCount":133},[230,236,237,240,244,249,252,257,261,264,267,270,274,278,282,286,288,291,294,299,303,307],{"type":231,"name":232,"callback":233,"file":234,"line":235},"action","admin_notices","closure","contact-form-7-dynamic-text-extension.php",62,{"type":231,"name":232,"callback":233,"file":234,"line":27},{"type":231,"name":238,"callback":239,"file":234,"line":144},"wpcf7_init","wpcf7dtx_add_shortcodes",{"type":231,"name":241,"callback":242,"priority":131,"file":234,"line":243},"plugins_loaded","wpcf7dtx_init",87,{"type":245,"name":246,"callback":247,"file":234,"line":248},"filter","wpcf7_form_hidden_fields","wpcf7dtx_hidden_field",103,{"type":231,"name":250,"callback":251,"file":234,"line":102},"wp_enqueue_scripts","wpcf7dtx_enqueue_frontend_assets",{"type":231,"name":253,"callback":254,"file":255,"line":256},"admin_init","settings_init","includes\\admin\\settings.php",29,{"type":231,"name":258,"callback":259,"file":255,"line":260},"admin_menu","options_page",30,{"type":231,"name":253,"callback":262,"file":263,"line":131},"wpcf7dtx_update","includes\\admin\\update-check.php",{"type":231,"name":241,"callback":265,"file":263,"line":266},"wpcf7dtx_update_check",23,{"type":231,"name":232,"callback":268,"file":263,"line":269},"wpcf7dtx_access_keys_notice",126,{"type":231,"name":271,"callback":272,"file":273,"line":144},"admin_enqueue_scripts","load_assets","includes\\admin.php",{"type":231,"name":275,"callback":276,"priority":14,"file":273,"line":277},"wpcf7_admin_init","init",86,{"type":231,"name":276,"callback":279,"file":280,"line":281},"wpcf7dtx_init_shortcodes","includes\\shortcodes.php",35,{"type":245,"name":283,"callback":283,"priority":152,"file":284,"line":285},"wpcf7dtx_allow_protocols","includes\\utilities.php",38,{"type":245,"name":287,"callback":287,"priority":152,"file":284,"line":27},"wpcf7dtx_sanitize",{"type":245,"name":289,"callback":289,"priority":152,"file":284,"line":290},"wpcf7dtx_escape",108,{"type":245,"name":292,"callback":292,"priority":152,"file":284,"line":293},"wpcf7dtx_obfuscate",159,{"type":245,"name":295,"callback":296,"file":297,"line":298},"wpcf7_messages","wpcf7dtx_messages","includes\\validation.php",33,{"type":245,"name":300,"callback":301,"file":297,"line":302},"wpcf7_config_validator_available_error_codes","wpcf7dtx_config_validator_available_error_codes",49,{"type":231,"name":304,"callback":305,"file":297,"line":306},"wpcf7_config_validator_validate","wpcf7dtx_validate",322,{"type":231,"name":241,"callback":308,"priority":260,"file":297,"line":309},"wpcf7dtx_init_validator",325,[311,317],{"action":312,"nopriv":313,"callback":314,"hasNonce":315,"hasCapCheck":313,"file":234,"line":316},"wpcf7dtx",false,"wpcf7dtx_js_handler",true,785,{"action":312,"nopriv":315,"callback":314,"hasNonce":315,"hasCapCheck":313,"file":234,"line":318},786,[],[321,324,327,331,334,338,342,346,350,354,357,360,364,368],{"tag":322,"callback":323,"file":280,"line":131},"CF7_GET","wpcf7dtx_get",{"tag":325,"callback":326,"file":280,"line":61},"CF7_POST","wpcf7dtx_post",{"tag":328,"callback":329,"file":280,"line":330},"CF7_URL","wpcf7dtx_url",22,{"tag":332,"callback":333,"file":280,"line":266},"CF7_referrer","wpcf7dtx_referrer",{"tag":335,"callback":336,"file":280,"line":337},"CF7_bloginfo","wpcf7dtx_bloginfo",24,{"tag":339,"callback":340,"file":280,"line":341},"CF7_get_post_var","wpcf7dtx_get_post_var",25,{"tag":343,"callback":344,"file":280,"line":345},"CF7_get_custom_field","wpcf7dtx_get_custom_field",26,{"tag":347,"callback":348,"file":280,"line":349},"CF7_get_current_var","wpcf7dtx_get_current_var",27,{"tag":351,"callback":352,"file":280,"line":353},"CF7_get_current_user","wpcf7dtx_get_current_user",28,{"tag":355,"callback":356,"file":280,"line":256},"CF7_get_attachment","wpcf7dtx_get_attachment",{"tag":358,"callback":359,"file":280,"line":260},"CF7_get_cookie","wpcf7dtx_get_cookie",{"tag":361,"callback":362,"file":280,"line":363},"CF7_get_taxonomy","wpcf7dtx_get_taxonomy",31,{"tag":365,"callback":366,"file":280,"line":367},"CF7_get_theme_option","wpcf7dtx_get_theme_option",32,{"tag":369,"callback":370,"file":280,"line":298},"CF7_guid","wpcf7dtx_guid",[],16,{"dangerousFunctions":374,"sqlUsage":375,"outputEscaping":377,"fileOperations":133,"externalRequests":133,"nonceChecks":423,"capabilityChecks":423,"bundledLibraries":424},[],{"prepared":133,"raw":133,"locations":376},[],{"escaped":378,"rawEcho":330,"locations":379},182,[380,383,385,387,389,391,393,395,397,399,401,403,404,406,408,409,411,413,415,417,419,421],{"file":255,"line":381,"context":382},267,"raw output",{"file":255,"line":384,"context":382},326,{"file":255,"line":386,"context":382},327,{"file":255,"line":388,"context":382},418,{"file":255,"line":390,"context":382},441,{"file":255,"line":392,"context":382},451,{"file":255,"line":394,"context":382},456,{"file":255,"line":396,"context":382},519,{"file":255,"line":398,"context":382},544,{"file":255,"line":400,"context":382},545,{"file":255,"line":402,"context":382},558,{"file":255,"line":402,"context":382},{"file":255,"line":405,"context":382},559,{"file":255,"line":407,"context":382},578,{"file":255,"line":407,"context":382},{"file":255,"line":410,"context":382},579,{"file":255,"line":412,"context":382},670,{"file":255,"line":414,"context":382},673,{"file":255,"line":416,"context":382},694,{"file":263,"line":418,"context":382},114,{"file":263,"line":420,"context":382},116,{"file":263,"line":422,"context":382},120,3,[],[426,447,456],{"entryPoint":427,"graph":428,"unsanitizedCount":29,"severity":40},"render_options_page (includes\\admin\\settings.php:171)",{"nodes":429,"edges":444},[430,435,439],{"id":431,"type":432,"label":433,"file":255,"line":434},"n0","source","$_GET",234,{"id":436,"type":437,"label":438,"file":255,"line":434},"n1","transform","→ render_scan_results()",{"id":440,"type":441,"label":442,"file":255,"line":396,"wp_function":443},"n2","sink","echo() [XSS]","echo",[445,446],{"from":431,"to":436,"sanitized":313},{"from":436,"to":440,"sanitized":313},{"entryPoint":448,"graph":449,"unsanitizedCount":29,"severity":40},"render_scan_results (includes\\admin\\settings.php:434)",{"nodes":450,"edges":454},[451,453],{"id":431,"type":432,"label":433,"file":255,"line":452},448,{"id":436,"type":441,"label":442,"file":255,"line":394,"wp_function":443},[455],{"from":431,"to":436,"sanitized":313},{"entryPoint":457,"graph":458,"unsanitizedCount":29,"severity":40},"\u003Csettings> (includes\\admin\\settings.php:0)",{"nodes":459,"edges":469},[460,463,464,465,467],{"id":431,"type":432,"label":461,"file":255,"line":462},"$_GET (x3)",227,{"id":436,"type":441,"label":442,"file":255,"line":392,"wp_function":443},{"id":440,"type":432,"label":433,"file":255,"line":434},{"id":466,"type":437,"label":438,"file":255,"line":434},"n3",{"id":468,"type":441,"label":442,"file":255,"line":396,"wp_function":443},"n4",[470,471,472],{"from":431,"to":436,"sanitized":315},{"from":440,"to":466,"sanitized":313},{"from":466,"to":468,"sanitized":313},{"summary":474,"deductions":475},"The \"contact-form-7-dynamic-text-extension\" plugin v5.0.5 exhibits a mixed security posture. On the positive side, the static analysis reveals no immediate critical risks from code signals such as dangerous functions, raw SQL queries, or file operations. The majority of output is properly escaped, and nonce and capability checks are present on the identified entry points, suggesting a decent effort towards secure coding practices.\n\nHowever, the vulnerability history is a significant concern. With six known CVEs, including one currently unpatched, and a history of medium severity vulnerabilities like Code Injection, CSRF, and various information exposure types, the plugin has a track record of security flaws. The presence of unsanitized paths in taint analysis, although not classified as critical or high, is also a point of concern and warrants further investigation, especially in light of the plugin's past vulnerabilities. The fact that all three analyzed taint flows had unsanitized paths is a strong indicator of potential issues.\n\nOverall, while the static analysis for this specific version shows some good security practices, the extensive vulnerability history and the presence of unsanitized paths in taint analysis strongly suggest a higher risk. Users should be cautious and prioritize updating to a version that has addressed all past vulnerabilities, particularly the currently unpatched one.",[476,479,482,485],{"reason":477,"points":478},"Currently unpatched CVE",18,{"reason":480,"points":481},"Multiple known CVEs (6 total)",15,{"reason":483,"points":484},"Taint flows with unsanitized paths (3\u002F3)",12,{"reason":486,"points":152},"Medium severity vulnerabilities in history","2026-03-17T05:35:02.463Z",{"wat":489,"direct":500},{"assetPaths":490,"generatorPatterns":494,"scriptPaths":495,"versionParams":496},[491,492,493],"\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fcss\u002Fcf7-dtx-admin.css","\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fcss\u002Fcf7-dtx-frontend.css","\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fjs\u002Fcf7-dtx-frontend.js",[],[493],[497,498,499],"\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fcss\u002Fcf7-dtx-admin.css?ver=","\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fcss\u002Fcf7-dtx-frontend.css?ver=","\u002Fwp-content\u002Fplugins\u002Fcontact-form-7-dynamic-text-extension\u002Fjs\u002Fcf7-dtx-frontend.js?ver=",{"cssClasses":501,"htmlComments":502,"htmlAttributes":507,"restEndpoints":509,"jsGlobals":510,"shortcodeOutput":511},[],[503,504,505,506],"\u003C!-- Dynamic Field Start -->","\u003C!-- Dynamic Field End -->","\u003C!-- Dynamic Field Wrapper Start -->","\u003C!-- Dynamic Field Wrapper End -->",[508],"data-cf7dtx-val",[],[],[512,513,514,515],"\u003Cinput type=\"text\" name=\"","\" value=\"","\" size=\"40\" class=\"wpcf7-form-control wpcf7-dynamic-text\" id=\"","\" data-cf7dtx-val=\""]