Contact Form to Brevo Security & Risk Analysis
wordpress.org/plugins/contact-form-to-brevoAdd Contact Form 7 Data to Brevo Contact lists.
Is Contact Form to Brevo Safe to Use in 2026?
Generally Safe
Score 100/100Contact Form to Brevo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The 'contact-form-to-brevo' plugin v1.1.0 exhibits a generally strong security posture based on the provided static analysis. The complete absence of detected dangerous functions, SQL queries using prepared statements, and the presence of a nonce check are positive indicators. The plugin also has no recorded vulnerability history, suggesting a history of secure development or thorough patching.
However, a significant concern arises from the output escaping. With 76 total outputs and only 58% properly escaped, there is a considerable risk of Cross-Site Scripting (XSS) vulnerabilities. This means that user-supplied data, if not handled carefully, could be injected into the output and executed by a user's browser. While the attack surface appears to be zero, the lack of robust output escaping on a majority of outputs is a tangible security weakness. The plugin's strengths lie in its lack of direct vulnerabilities and secure data handling for SQL, but the unescaped output presents a notable risk that needs to be addressed.
Key Concerns
- Significant portion of outputs not properly escaped
Contact Form to Brevo Security Vulnerabilities
Contact Form to Brevo Code Analysis
Bundled Libraries
Output Escaping
Contact Form to Brevo Attack Surface
WordPress Hooks 7
Maintenance & Trust
Contact Form to Brevo Maintenance & Trust
Maintenance Signals
Community Trust
Contact Form to Brevo Alternatives
Centous Integration for Contact Form 7 and Brevo
centous-integration-for-contact-form-7-and-brevo
Seamlessly integrate Brevo (formerly Sendinblue) with Contact Form 7 to add subscribers directly from WordPress.
Creative Mail – Easier WordPress & WooCommerce Email Marketing
creative-mail-by-constant-contact
Creative Mail was designed specifically for WordPress and WooCommerce. Our intelligent (and super fun) email editor simplifies email marketing campaig …
MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder
mailchimp-subscribe-sm
MailChimp Subscribe Form allows you to create Beautiful Professional looking Subscribe Forms, Popups, bars & full page optins easily in less than …
Omnisend for Contact Form 7 Add-On
omnisend-for-contact-form-7
Email Marketing, Newsletter, Email Automation, Forms, Pop Up, SMS by Omnisend
Centous Integration For Contact Form 7 And Mailchimp
centous-integration-for-contact-form-7-and-mailchimp
Seamlessly integrate Mailchimp with Contact Form 7 to add subscribers directly from WordPress.
Contact Form to Brevo Developer Profile
1 plugin · 900 total installs
How We Detect Contact Form to Brevo
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/contact-form-to-brevo/assets/admin.js/wp-content/plugins/contact-form-to-brevo/assets/admin.css/wp-content/plugins/contact-form-to-brevo/assets/admin.jscontact-form-to-brevo/assets/admin.js?ver=1.0contact-form-to-brevo/assets/admin.css?ver=1.0HTML / DOM Fingerprints
cfb-psd-settingscfb-psd-settings-tabtab-wraptabactivecfb-psd-main-settingsgeneral-settings-sectioncfb-psd-api-key<!-- enable --><!-- Brevo -->data-id="general"data-id="form-fields"data-id="form-pro"id="cf7_email_subscription"id="cfb_psd_update_existing"id="cfb_psd_api_key"+1 morewindow.cfb_psd_nonce_field