Does Contact Form Extender for Divi – Submissions DB & Extra Fields have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Contact Form Extender for Divi – Submissions DB & Extra Fields compatible with WordPress 6.9.4?

According to WordPress.org data, Contact Form Extender for Divi – Submissions DB & Extra Fields 1.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Contact Form Extender for Divi – Submissions DB & Extra Fields compatible with PHP 7.2+?

Contact Form Extender for Divi – Submissions DB & Extra Fields requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Contact Form Extender for Divi – Submissions DB & Extra Fields Security & Risk Analysis

wordpress.org/plugins/contact-form-extender-for-divi-builder

Extend Divi Contact Form module with file upload field, country code dropdown and save Divi form submissions in the database.

100 active installs v1.0.8 PHP 7.2+ WP 5.0+ Updated Apr 13, 2026

contact-form-dbcountry-codedivifile-uploadform-submissions

A · Safe

CVEs total1

Unpatched0

Last CVEApr 21, 2026

Plugin page Download

Safety Verdict

Is Contact Form Extender for Divi – Submissions DB & Extra Fields Safe to Use in 2026?

Generally Safe

Score 94/100

Contact Form Extender for Divi – Submissions DB & Extra Fields has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVELast CVE: Apr 21, 2026Updated 1mo ago

Risk Assessment

The "contact-form-extender-for-divi-builder" plugin v1.0.4 demonstrates a strong security posture based on the provided static analysis and vulnerability history. The absence of any reported CVEs and the excellent adherence to secure coding practices, such as 100% prepared statements for SQL queries and 98% proper output escaping, are significant strengths. The plugin also appears to implement robust security checks, with 12 nonce checks and 13 capability checks identified, and all entry points are protected.

Concerns are minimal, with the primary areas to monitor being the two external HTTP requests. While not inherently a vulnerability, these represent potential points of failure or avenues for information disclosure if not handled with extreme care. The taint analysis showing zero flows with unsanitized paths further reinforces the good internal code quality. The plugin's history of zero vulnerabilities suggests a proactive approach to security by its developers, making it a relatively safe option, provided ongoing vigilance for external dependencies or future code changes.

Key Concerns

External HTTP requests present potential risks

Vulnerabilities

1 published

Contact Form Extender for Divi – Submissions DB & Extra Fields Security Vulnerabilities

CVEs by Year

1 CVE in 2026

2026

Patched Has unpatched

Severity Breakdown

Critical

1 total CVE

CVE-2026-40769critical · 9.1Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Contact Form Extender for Divi – Submissions DB & Extra Fields <= 1.0.6 - Unauthenticated Arbitrary File Deletion

Apr 21, 2026 Patched in 1.0.7 (10d)

Version History

Contact Form Extender for Divi – Submissions DB & Extra Fields Release Timeline

v1.0.8Current

v1.0.7

v1.0.61 CVE

v1.0.51 CVE

v1.0.41 CVE

v1.0.31 CVE

v1.0.21 CVE

Code Analysis

Analyzed Mar 16, 2026

Contact Form Extender for Divi – Submissions DB & Extra Fields Code Analysis

Dangerous Functions

Raw SQL Queries

11 prepared

Unescaped Output

204 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared11 total queries

Output Escaping

98% escaped209 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

3 flows

prepare_items (admin\entries\cfefd-submissions-list-table.php:212)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Contact Form Extender for Divi – Submissions DB & Extra Fields Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_cpfm_handle_opt_in_cfefdadmin\feedback\cpfm-common-notice.php:14

authwp_ajax_cfefd_upload_fileincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-ajax.php:16

noprivwp_ajax_cfefd_upload_fileincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-ajax.php:17

authwp_ajax_cfefd_remove_fileincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-ajax.php:18

noprivwp_ajax_cfefd_remove_fileincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-ajax.php:19

WordPress Hooks 47

actionadmin_menuadmin\class-cfefd-admin.php:71

actionadmin_initadmin\class-cfefd-admin.php:72

actionadmin_enqueue_scriptsadmin\class-cfefd-admin.php:73

actionadmin_print_scriptsadmin\class-cfefd-admin.php:74

actioncpfm_register_noticeadmin\class-cfefd-admin.php:80

actioncpfm_after_opt_in_cfefdadmin\class-cfefd-admin.php:105

actionadmin_initadmin\entries\cfefd-submissions-bulk-actions.php:49

actioninitadmin\entries\cfefd-submissions-post-type.php:37

actionadd_meta_boxesadmin\entries\cfefd-submissions-post-type.php:38

actionadmin_enqueue_scriptsadmin\entries\cfefd-submissions-post-type.php:39

actionadmin_headadmin\entries\cfefd-submissions-post-type.php:40

actionadmin_print_scriptsadmin\entries\cfefd-submissions-post-type.php:41

actionadmin_noticesadmin\entries\cfefd-submissions-post-type.php:44

actionadmin_enqueue_scriptsadmin\feedback\admin-feedback-form.php:19

actionadmin_headadmin\feedback\admin-feedback-form.php:20

actionadmin_initadmin\feedback\cpfm-common-notice.php:12

actionadmin_enqueue_scriptsadmin\feedback\cpfm-common-notice.php:13

actionadmin_footeradmin\feedback\cpfm-common-notice.php:15

filtercron_schedulesadmin\feedback\cron\cfefd-class-cron.php:14

actioncfefd_extra_data_updateadmin\feedback\cron\cfefd-class-cron.php:15

actionactivated_plugincontact-form-extender-for-divi-builder.php:67

actionwp_enqueue_scriptsincludes\class-cfefd-loader.php:78

filteret_pb_all_fields_unprocessed_et_pb_contact_fieldincludes\module\addons\divi-4\country-code\class-cfefd-country-code-field.php:10

filteret_module_shortcode_outputincludes\module\addons\divi-4\country-code\class-cfefd-country-code-field.php:11

actionwp_enqueue_scriptsincludes\module\addons\divi-4\country-code\class-cfefd-country-code-field.php:12

filteret_module_shortcode_outputincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-render.php:10

filteret_module_shortcode_outputincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-render.php:11

actionwp_enqueue_scriptsincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-render.php:12

actionwp_enqueue_scriptsincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-render.php:14

filteret_pb_all_fields_unprocessed_et_pb_contact_fieldincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-settings.php:10

filteret_builder_get_parent_modulesincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-settings.php:13

filteret_pb_all_fields_unprocessed_et_pb_contact_formincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-settings.php:14

filteret_contact_page_email_toincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-submission.php:13

filterwp_mailincludes\module\addons\divi-4\file-upload\class-cfefd-file-upload-submission.php:78

actiondivi_visual_builder_assets_before_enqueue_scriptsincludes\module\addons\divi-5\country-code\class-cfefd-country-code-field.php:14

actionwp_enqueue_scriptsincludes\module\addons\divi-5\country-code\class-cfefd-country-code-field.php:15

filterblock_type_metadata_settingsincludes\module\addons\divi-5\country-code\class-cfefd-country-code-field.php:16

filterdivi_module_wrapper_renderincludes\module\addons\divi-5\country-code\class-cfefd-country-code-field.php:17

actiondivi_visual_builder_assets_before_enqueue_scriptsincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-field.php:18

actionwp_enqueue_scriptsincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-field.php:19

filterblock_type_metadata_settingsincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-field.php:20

filterdivi_module_wrapper_renderincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-field.php:21

filterdivi_module_wrapper_renderincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-field.php:22

actionet_pb_contact_form_submitincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-submission.php:12

filterwp_mailincludes\module\addons\divi-5\file-upload\class-cfefd-file-upload-submission.php:13

actionet_pb_contact_form_submitincludes\submissions\class-cfefd-submissions-handler-d5.php:21

actionet_pb_contact_form_submitincludes\submissions\class-cfefd-submissions-handler.php:21

Scheduled Events 3

cfefd_extra_data_update

Maintenance & Trust

Contact Form Extender for Divi – Submissions DB & Extra Fields Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 13, 2026

PHP min version7.2

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs100

Alternatives

Contact Form Extender for Divi – Submissions DB & Extra Fields Alternatives

FormsDB – Save Elementor Forms to Google Sheets & Post Type

sb-elementor-contact-form-db

Connect Elementor forms with Google Sheets to sync form entries, or save form submissions in any post type using Elementor Pro or Hello Plus forms.

20K 4 CVEs

Contact Form DB Divi

contact-form-db-divi

100

The Contact Form DB plugin is designed to provide an easy way to store and manage form submissions on your Divi website

3K No CVEs

Contact Form 7 Database Manager Addon – CF7DBM

form-data-manager

Save contact form 7 submissions to the WP database with this CF7 addon. Never lose important messages, leads, and requests again.

200 No CVEs

Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder

supreme-modules-for-divi

Divi Supreme lite plugin enhances the experience and features found on Divi and extend with custom creative modules to help you build amazing websites …

200K 3 CVEs

Popups for Divi

popups-for-divi

100

A quick and easy way to create Popup layers inside the Divi Visual Builder!

100K No CVEs

Developer Profile

Contact Form Extender for Divi – Submissions DB & Extra Fields Developer Profile

Satinder Singh

4 plugins · 11K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

73 days

View full developer profile

Detection Fingerprints

How We Detect Contact Form Extender for Divi – Submissions DB & Extra Fields

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/contact-form-extender-for-divi-builder/admin/css/cfefd-admin-style.css/wp-content/plugins/contact-form-extender-for-divi-builder/admin/js/cfefd-admin-script.js/wp-content/plugins/contact-form-extender-for-divi-builder/public/css/cfefd-public-style.css/wp-content/plugins/contact-form-extender-for-divi-builder/public/js/cfefd-public-script.js

Version Parameters

contact-form-extender-for-divi-builder/admin/css/cfefd-admin-style.css?ver=contact-form-extender-for-divi-builder/admin/js/cfefd-admin-script.js?ver=contact-form-extender-for-divi-builder/public/css/cfefd-public-style.css?ver=contact-form-extender-for-divi-builder/public/js/cfefd-public-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

cfefd-admin-menucfefd-main-content

HTML Comments

Data Attributes

data-plugin-name="cfefd"data-plugin-version="1.0.4"

JS Globals

cfefd_params

FAQ

Contact Form Extender for Divi – Submissions DB & Extra Fields Security & Risk Analysis

Is Contact Form Extender for Divi – Submissions DB & Extra Fields Safe to Use in 2026?

Generally Safe

Key Concerns

Contact Form Extender for Divi – Submissions DB & Extra Fields Security Vulnerabilities

CVEs by Year

Severity Breakdown

Contact Form Extender for Divi – Submissions DB & Extra Fields Release Timeline

Contact Form Extender for Divi – Submissions DB & Extra Fields Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Contact Form Extender for Divi – Submissions DB & Extra Fields Attack Surface

AJAX Handlers 5

Scheduled Events 3

Contact Form Extender for Divi – Submissions DB & Extra Fields Maintenance & Trust

Maintenance Signals

Community Trust

Contact Form Extender for Divi – Submissions DB & Extra Fields Alternatives

FormsDB – Save Elementor Forms to Google Sheets & Post Type

Contact Form DB Divi

Contact Form 7 Database Manager Addon – CF7DBM

Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder

Popups for Divi

Contact Form Extender for Divi – Submissions DB & Extra Fields Developer Profile

How We Detect Contact Form Extender for Divi – Submissions DB & Extra Fields

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Contact Form Extender for Divi – Submissions DB & Extra Fields