Does Contact Form 7 GetResponse Extension have any unpatched vulnerabilities?

Yes — Contact Form 7 GetResponse Extension currently has 1 published unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Contact Form 7 GetResponse Extension compatible with WordPress 6.4.8?

According to WordPress.org data, Contact Form 7 GetResponse Extension 1.0.8 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

Is Contact Form 7 GetResponse Extension compatible with PHP 5.6+?

Contact Form 7 GetResponse Extension requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Contact Form 7 GetResponse Extension updated?

Contact Form 7 GetResponse Extension was last updated on Jan 18, 2024. Frequent updates are generally a positive security signal.

What is Contact Form 7 GetResponse Extension's security score?

Contact Form 7 GetResponse Extension has a WP-Safety security score of 63/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Contact Form 7 GetResponse Extension Security & Risk Analysis

wordpress.org/plugins/contact-form-7-getresponse-extension

A very easy plugin to integrate GetResponse campaigns with Contact Form 7.

1K active installs v1.0.8 PHP 5.6+ WP 3.9+ Updated Jan 18, 2024

contact-form-7emailget-responsegetresponsemailing-list

C · Use Caution

CVEs total1

Unpatched1

Last CVEJan 22, 2026

Plugin page Download

Safety Verdict

Is Contact Form 7 GetResponse Extension Safe to Use in 2026?

Use With Caution

Score 63/100

Contact Form 7 GetResponse Extension has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Jan 22, 2026Updated 2yr ago

Risk Assessment

The plugin 'contact-form-7-getresponse-extension' version 1.0.8 exhibits a mixed security posture. While it demonstrates good practices by not using dangerous functions, performing all SQL queries with prepared statements, and having a low number of file operations and external HTTP requests, several significant concerns emerge. The presence of four AJAX handlers without authentication checks presents a substantial attack surface for unauthorized actions. Furthermore, the plugin has a known medium-severity vulnerability related to the exposure of sensitive information, which is currently unpatched. This vulnerability history, combined with the lack of capability checks on its entry points, suggests a potential for privilege escalation or unauthorized data access.

Key Concerns

Unpatched Medium Vulnerability
AJAX handlers without auth checks (4)
No capability checks on entry points
Output escaping is not fully implemented (34% not escaped)

Vulnerabilities

1 published

Contact Form 7 GetResponse Extension Security Vulnerabilities

CVEs by Year

1 CVE in 2026 · unpatched

2026

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2026-24557medium · 5.3Exposure of Sensitive Information to an Unauthorized Actor

Contact Form 7 GetResponse Extension <= 1.0.8 - Unauthenticated Information Exposure

Jan 22, 2026Unpatched

Version History

Contact Form 7 GetResponse Extension Release Timeline

v1.0.71 CVE

v1.0.61 CVE

v1.0.51 CVE

v1.0.41 CVE

v1.0.31 CVE

v1.0.21 CVE

v1.0.11 CVE

v1.0.01 CVE

v0.21 CVE

v0.11 CVE

Code Analysis

Analyzed Mar 16, 2026

Contact Form 7 GetResponse Extension Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

40 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

66% escaped61 total outputs

Attack Surface

4 unprotected

Contact Form 7 GetResponse Extension Attack Surface

Entry Points4

Unprotected4

AJAX Handlers 4

authwp_ajax_gr_update_campincludes\class-cf7-gr-ext.php:162

noprivwp_ajax_gr_update_campincludes\class-cf7-gr-ext.php:163

authwp_ajax_gr_update_custom_fieldincludes\class-cf7-gr-ext.php:164

noprivwp_ajax_gr_update_custom_fieldincludes\class-cf7-gr-ext.php:165

WordPress Hooks 9

actionplugins_loadedcf7-gr-ext.php:54

actionwpcf7_initincludes\class-cf7-gr-ext-add-service.php:209

actionplugins_loadedincludes\class-cf7-gr-ext.php:142

actionadmin_initincludes\class-cf7-gr-ext.php:157

actionadmin_enqueue_scriptsincludes\class-cf7-gr-ext.php:158

actionadmin_enqueue_scriptsincludes\class-cf7-gr-ext.php:159

actionwpcf7_editor_panelsincludes\class-cf7-gr-ext.php:160

actionwpcf7_after_saveincludes\class-cf7-gr-ext.php:161

actionwpcf7_before_send_mailincludes\class-cf7-gr-ext.php:180

Maintenance & Trust

Contact Form 7 GetResponse Extension Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedJan 18, 2024

PHP min version5.6

Downloads24K

Community Trust

Rating86/100

Number of ratings7

Active installs1K

Alternatives

Contact Form 7 GetResponse Extension Alternatives

Connect Contact Form 7 and AWeber

integrate-contact-form-7-and-aweber

Integrate AWeber mailing lists with Contact Form 7. Automatically add form subscribers to your AWeber lists.

300 2 CVEs

Fast GetResponse

fast-getresponse

Easily Sync GetResponse Contacts With Your WordPress Users.

10 No CVEs

Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent

tablesome

Powerful Table, Form & Mail Automations. Form Entry Management (+ frontend table ), integrate with MailChimp, G Sheets, CF7, WPForms, Elementor, etc.

8K 11 CVEs

Email marketing for WordPress by GetResponse Official

getresponse-official

Maximize visitor potential! Capture emails, automate marketing, track visits, and transfer ecommerce data to GetResponse for precision campaigns.

4K 2 CVEs

Contact Form 7 Confirm Email Field

contact-form-7-confirm-email-feild

Add a confirm email field to Contact Form 7.

2K No CVEs

Developer Profile

Contact Form 7 GetResponse Extension Developer Profile

WEN Solutions

47 plugins · 26K total installs

trust score

Avg Security Score

95/100

Avg Patch Time

112 days

View full developer profile

Detection Fingerprints

How We Detect Contact Form 7 GetResponse Extension

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/contact-form-7-getresponse-extension/admin/css/cf7-gr-ext-admin.css/wp-content/plugins/contact-form-7-getresponse-extension/admin/js/cf7-gr-ext-admin.js

Script Paths

/wp-content/plugins/contact-form-7-getresponse-extension/admin/js/cf7-gr-ext-admin.js

Version Parameters

cf7-gr-ext-admin.css?ver=

HTML / DOM Fingerprints

CSS Classes

cf7-gs-ext-admin-form

Data Attributes

id="cf7-gs-name"id="cf7-gs-email"

JS Globals

cf7_options

FAQ

Contact Form 7 GetResponse Extension Security & Risk Analysis

Is Contact Form 7 GetResponse Extension Safe to Use in 2026?

Use With Caution

Key Concerns

Contact Form 7 GetResponse Extension Security Vulnerabilities

CVEs by Year

Severity Breakdown

Contact Form 7 GetResponse Extension Release Timeline

Contact Form 7 GetResponse Extension Code Analysis

Output Escaping

Contact Form 7 GetResponse Extension Attack Surface

AJAX Handlers 4

Contact Form 7 GetResponse Extension Maintenance & Trust

Maintenance Signals

Community Trust

Contact Form 7 GetResponse Extension Alternatives

Connect Contact Form 7 and AWeber

Fast GetResponse

Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent

Email marketing for WordPress by GetResponse Official

Contact Form 7 Confirm Email Field

Contact Form 7 GetResponse Extension Developer Profile

How We Detect Contact Form 7 GetResponse Extension

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Contact Form 7 GetResponse Extension