Does Contact Forms 7 Digital Signature Add-On have any unpatched vulnerabilities?

No. All known vulnerabilities in Contact Forms 7 Digital Signature Add-On have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Contact Forms 7 Digital Signature Add-On compatible with WordPress 6.9.4?

According to WordPress.org data, Contact Forms 7 Digital Signature Add-On 1.8.4 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Contact Forms 7 Digital Signature Add-On updated?

Contact Forms 7 Digital Signature Add-On was last updated on Jan 8, 2026. Frequent updates are generally a positive security signal.

What is Contact Forms 7 Digital Signature Add-On's security score?

Contact Forms 7 Digital Signature Add-On has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Contact Forms 7 Digital Signature Add-On Security & Risk Analysis

wordpress.org/plugins/digital-signature-contact-form-7-addon

Instantly produce a legally enforceable & court recognized contract from a Contact Form 7 submission. Legal contracts. UETA/ESIGN Compliant.

300 active installs v1.8.4 PHP + WP 4.5+ Updated Jan 8, 2026

contact-form-7contact-forms-7forms-plugin

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Contact Forms 7 Digital Signature Add-On Safe to Use in 2026?

Generally Safe

Score 100/100

Contact Forms 7 Digital Signature Add-On has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2mo ago

Risk Assessment

The digital-signature-contact-form-7-addon v1.8.4 plugin exhibits a generally strong security posture based on the provided static analysis. It demonstrates good practices by avoiding dangerous functions and consistently utilizing prepared statements for all SQL queries, which is a significant strength. The plugin also performs robust output escaping, with a high percentage of outputs being properly handled. Furthermore, the presence of nonce and capability checks on its entry points indicates an effort to secure against unauthorized actions.

However, there are minor areas of concern. While the attack surface is relatively small and all identified entry points have authentication checks, the fact that there are still AJAX handlers could potentially present a vector if not perfectly implemented. The absence of any recorded vulnerabilities in its history is positive, suggesting a history of secure development, but it does not guarantee future security. The taint analysis showing zero flows is excellent, implying no immediate risks of data being mishandled.

In conclusion, this plugin appears to be well-developed from a security perspective, with strong adherence to fundamental security principles like prepared statements and output escaping. The lack of historical vulnerabilities and the protected entry points are significant positives. The minor weaknesses are the potential for complexity in AJAX handler implementation and the inherent risk of any software facing unknown future threats. Overall, the risk is assessed as low.

Key Concerns

Minor risk from AJAX handlers

Vulnerabilities

None known

Contact Forms 7 Digital Signature Add-On Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Contact Forms 7 Digital Signature Add-On Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

217 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

91% escaped238 total outputs

Attack Surface

Contact Forms 7 Digital Signature Add-On Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 2

authwp_ajax_esig_cf7_form_fieldsadmin\esig-cf7-admin.php:50

authwp_ajax_esig_cf7_ratting_widget_removeadmin\rating-widget\esign-rating-widget.php:45

Shortcodes 1

[esigcf7] admin\esig-cf7-admin.php:57

WordPress Hooks 31

actionadmin_noticesadmin\about\autoload.php:27

actionesig_admin_noticesadmin\about\autoload.php:29

actionin_admin_headeradmin\about\autoload.php:82

actionadmin_menuadmin\about\includes\esig-about-load.php:30

actioninitadmin\esig-cf7-admin.php:41

actionadmin_enqueue_scriptsadmin\esig-cf7-admin.php:43

actionwpcf7_enqueue_scriptsadmin\esig-cf7-admin.php:44

actionwpcf7_editor_panelsadmin\esig-cf7-admin.php:45

actionwpcf7_after_saveadmin\esig-cf7-admin.php:46

filteresig_sif_buttons_filteradmin\esig-cf7-admin.php:47

filteresig_text_editor_sif_menuadmin\esig-cf7-admin.php:48

filteresig_admin_more_document_contentsadmin\esig-cf7-admin.php:49

actionadmin_initadmin\esig-cf7-admin.php:54

filtershow_sad_invite_linkadmin\esig-cf7-admin.php:55

filteresig_invite_not_sentadmin\esig-cf7-admin.php:56

filterwpcf7_form_response_outputadmin\esig-cf7-admin.php:61

actionwpcf7_before_send_mailadmin\esig-cf7-admin.php:63

filterwpcf7_save_contact_formadmin\esig-cf7-admin.php:65

actionadmin_menuadmin\esig-cf7-admin.php:68

actionesig_signature_loadedadmin\esig-cf7-admin.php:69

filteresig_document_title_filteradmin\esig-cf7-filters.php:16

filteresig_strip_shortcodes_tagnamesadmin\esig-cf7-filters.php:17

filteresig_document_clone_render_contentadmin\esig-cf7-filters.php:18

actioninitadmin\includes\esig-cf7.php:50

actionadmin_initadmin\includes\esig-cf7.php:51

actionesig_admin_noticesadmin\rating-widget\esign-rating-widget.php:42

actionadmin_enqueue_scriptsadmin\rating-widget\esign-rating-widget.php:43

actionadmin_enqueue_scriptsadmin\rating-widget\esign-rating-widget.php:44

actionplugins_loadedcf7-signature-addon.php:79

actionplugins_loadedcf7-signature-addon.php:80

actionplugins_loadedcf7-signature-addon.php:85

Maintenance & Trust

Contact Forms 7 Digital Signature Add-On Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedJan 8, 2026

PHP min version

Downloads25K

Community Trust

Rating52/100

Number of ratings5

Active installs300

Alternatives

Contact Forms 7 Digital Signature Add-On Alternatives

Contact Form 7 – Success Page Redirects

contact-form-7-success-page-redirects

An add-on for Contact Form 7 that provides a straightforward method to redirect visitors to success pages or thank you pages.

10K No CVEs

Contact Form 7 Modules

contact-form-7-modules

Contact Form 7 - Add useful modules such as hidden fields and "send all fields" to the Contact Form 7 plugin

5K No CVEs

Contact Form 7 – InfusionSoft Add-on

contact-form-7-infusionsoft-add-on

An add-on for Contact Form 7 that provides a way to capture leads, tag customers, and send contact form data to InfusionSoft.

200 No CVEs

Database Addon for Contact Form 7 – CFDB7

contact-form-cfdb7

Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.

600K 7 CVEs

ReCaptcha v2 for Contact Form 7

wpcf7-recaptcha

100

Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1

200K No CVEs

Developer Profile

Contact Forms 7 Digital Signature Add-On Developer Profile

approveme

10 plugins · 4K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

15 days

View full developer profile

Detection Fingerprints

How We Detect Contact Forms 7 Digital Signature Add-On

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/digital-signature-contact-form-7-addon/assets/css/esig-about-alert.css/wp-content/plugins/digital-signature-contact-form-7-addon/assets/images/pen_icon.svg

HTML / DOM Fingerprints

CSS Classes

esig-icon-cssesig-about-alertbangBarerror

Data Attributes

id="esig-about-alert"

FAQ