Does Data8 Validation have any unpatched vulnerabilities?

No. All known vulnerabilities in Data8 Validation have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Data8 Validation compatible with WordPress 6.9.4?

According to WordPress.org data, Data8 Validation 3.8.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Data8 Validation updated?

Data8 Validation was last updated on Jan 16, 2026. Frequent updates are generally a positive security signal.

What is Data8 Validation's security score?

Data8 Validation has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Data8 Validation Security & Risk Analysis

wordpress.org/plugins/data8-validation-for-contact-form-7

Applies Data8 Email, Unusable Name, Phone Validation and PredictiveAddress services to WooCommerce checkout, Gravity Forms and Contact Form 7, WPForms …

200 active installs v3.8.1 PHP + WP 4.5+ Updated Jan 16, 2026

elementorgravitygravity-formsgravityformswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Data8 Validation Safe to Use in 2026?

Generally Safe

Score 100/100

Data8 Validation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The "data8-validation-for-contact-form-7" plugin version 3.8.1 exhibits a generally positive security posture based on the provided static analysis. There are no reported CVEs, indicating a history of stability. The code demonstrates good practices by not utilizing dangerous functions, performing all SQL queries using prepared statements, and handling most output with proper escaping. The absence of shortcodes, cron events, and a limited attack surface also contribute to a reduced risk profile. However, a notable concern is the presence of an external HTTP request, which represents a potential avenue for certain attacks if not handled securely. Additionally, the taint analysis reveals two flows with unsanitized paths, though thankfully these did not escalate to critical or high severity. The lack of nonce checks and capability checks across all identified entry points, while currently presenting zero unprotected entry points, could become a vulnerability if new entry points are introduced or if existing logic is bypassed.

Key Concerns

External HTTP requests
Flows with unsanitized paths (low severity)
No nonce checks on entry points
No capability checks on entry points

Vulnerabilities

None known

Data8 Validation Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Data8 Validation Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

14 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

88% escaped16 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

d8cf7_password_changing (plugin_interface.php:91)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Data8 Validation Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 38

actionwp_enqueue_scriptsdata8-validation-for-contact-form-7.php:43

filterwpcf7_validate_telincludes\d8cf7-validation.php:4

filterwpcf7_validate_tel*includes\d8cf7-validation.php:5

filterwpcf7_validate_intl_telincludes\d8cf7-validation.php:6

filterwpcf7_validate_intl_tel*includes\d8cf7-validation.php:7

filterwpcf7_validate_emailincludes\d8cf7-validation.php:121

filterwpcf7_validate_email*includes\d8cf7-validation.php:122

filterwpcf7_validate_textincludes\d8cf7-validation.php:175

filterwpcf7_validate_text*includes\d8cf7-validation.php:176

filterwpcf7_validate_textincludes\d8cf7-validation.php:223

filterwpcf7_validate_text*includes\d8cf7-validation.php:224

actionelementor_pro/forms/validation/telincludes\d8ep-validation.php:3

actionelementor_pro/forms/validationincludes\d8ep-validation.php:95

actionelementor_pro/forms/validationincludes\d8ep-validation.php:152

actionelementor_pro/forms/validationincludes\d8ep-validation.php:237

actionelementor/frontend/the_contentincludes\d8ep-validation.php:291

actionwp_footerincludes\d8ep-validation.php:292

filtergform_pre_renderincludes\d8gf-validation.php:4

actionwp_footerincludes\d8gf-validation.php:5

filtergform_field_validationincludes\d8gf-validation.php:52

filtergform_field_validationincludes\d8gf-validation.php:168

filtergform_field_validationincludes\d8gf-validation.php:215

filtergform_field_validationincludes\d8gf-validation.php:256

filterwoocommerce_after_checkout_billing_formincludes\d8wc-validation.php:4

filterwoocommerce_after_checkout_shipping_formincludes\d8wc-validation.php:5

filterwoocommerce_after_edit_account_address_formincludes\d8wc-validation.php:6

actionwoocommerce_checkout_processincludes\d8wc-validation.php:30

actionwpforms_processincludes\d8wpf-validation.php:4

actionwpforms_processincludes\d8wpf-validation.php:64

actionwpforms_processincludes\d8wpf-validation.php:157

actionwpforms_processincludes\d8wpf-validation.php:206

actionwpforms_display_field_beforeincludes\d8wpf-validation.php:264

actionwp_footerincludes\d8wpf-validation.php:265

filterwpforms_address_schemesincludes\d8wpf-validation.php:312

actionadmin_menuplugin_interface.php:3

actionadmin_initplugin_interface.php:4

actionadmin_noticesplugin_interface.php:5

filterpre_update_option_d8cf7_passwordplugin_interface.php:113

Maintenance & Trust

Data8 Validation Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 16, 2026

PHP min version

Downloads16K

Community Trust

Rating0/100

Number of ratings0

Active installs200

Alternatives

Data8 Validation Alternatives

Data Soap Validation

data-soap-validation

100

Applies Data Soap telephone and email validation services to Contact Form 7, Elementor Pro, Gravity Forms, Woocommerce & WPForms Requires PHP

50 No CVEs

GravityExport Lite for Gravity Forms

gf-entries-in-excel

100

Export all Gravity Forms entries to Excel (.xlsx) or CSV via a download button or a secret shareable URL.

10K No CVEs

Multiple Columns for Gravity Forms

gf-form-multicolumn

Introduces new form elements into Gravity Forms which allow for simple column creation.

10K No CVEs

Surbma | Divi & Gravity Forms

surbma-divi-gravity-forms

Responsive Divi form styles for Gravity Forms.

9K No CVEs

Fresh Forms for Gravity

fresh-forms-for-gravity

100

Prevent supported caching and JS optimization plugins breaking Gravity Forms.

3K No CVEs

Developer Profile

Data8 Validation Developer Profile

data8

1 plugin · 200 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Data8 Validation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/data8-validation-for-contact-form-7/css/d8cf7-style.css

Script Paths

https://webservices.data-8.co.uk/javascript/predictiveaddress.jshttps://webservices.data-8.co.uk/javascript/predictiveaddress_cf7.js

HTML / DOM Fingerprints

CSS Classes

d8-no-validation

Data Attributes

d8_emaild8_named8_first_named8_last_name

JS Globals

d8pacf7_script_vars

REST Endpoints

https://webservices.data-8.co.uk/PhoneValidation/IsValid.jsonhttps://webservices.data-8.co.uk/EmailValidation/IsValid.jsonhttps://webservices.data-8.co.uk/SalaciousName/IsUnusableName.json

FAQ