Disposable Email Blocker – Contact Form 7 Security & Risk Analysis
wordpress.org/plugins/disposable-email-blocker-contact-form-7Now You Can Easily Block/Prevent Disposable/Temporary Spam Emails From Submitting on CF7 Form.
Is Disposable Email Blocker – Contact Form 7 Safe to Use in 2026?
Generally Safe
Score 100/100Disposable Email Blocker – Contact Form 7 has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin 'disposable-email-blocker-contact-form-7' v2.0.3 exhibits a generally strong security posture based on the provided static analysis. The absence of direct entry points like AJAX handlers, REST API routes, and shortcodes, combined with the complete absence of SQL queries not using prepared statements, and a high percentage of properly escaped output, are all positive indicators. The presence of a capability check further enhances its security.
However, the taint analysis reveals two flows with unsanitized paths, identified as high severity. While no specific vulnerabilities are detailed in the history, these unsanitized paths represent potential vectors for attackers to inject malicious data. The lack of nonce checks, while not directly tied to an attack surface in this analysis, can sometimes be an overlooked security measure in plugin development, especially if functionality were to be exposed in the future.
Overall, the plugin's historical lack of known vulnerabilities is a positive sign, suggesting diligent development and maintenance. Nevertheless, the identified high-severity taint flows warrant attention. Addressing these unsanitized paths should be the priority to solidify the plugin's security.
Key Concerns
- High severity taint flows with unsanitized paths
- Lack of nonce checks
Disposable Email Blocker – Contact Form 7 Security Vulnerabilities
Disposable Email Blocker – Contact Form 7 Code Analysis
SQL Query Safety
Output Escaping
Data Flow Analysis
Disposable Email Blocker – Contact Form 7 Attack Surface
WordPress Hooks 7
Scheduled Events 2
Maintenance & Trust
Disposable Email Blocker – Contact Form 7 Maintenance & Trust
Maintenance Signals
Community Trust
Disposable Email Blocker – Contact Form 7 Alternatives
Disposable Email Blocker – WPForms
disposable-email-blocker-wpforms
Prevent Submitting Spammy Disposable/Temporary Emails On WPForms Contact Form.
Disposable Email Blocker – Ninja Forms
disposable-email-blocker-ninja-forms
Block Disposable/Temporary Spam Emails On Any Ninja Forms From Submitting.
Reoon Email Verifier
reoon-email-verifier
Safeguard your online forms against invalid, temporary, disposable, and harmful email addresses with real-time verification.
FilterBounce Email Verifier
filter-bounce-email-verifier
Verifies email addresses in real-time during form submissions to prevent invalid, disposable, temporary, catch-all, free or spamtrap email addresses.
Invisible Anti Spam for Contact Form 7 (Simple No-Bot)
simple-no-bot
Simple, lightweight, no captcha, no configuration. Just works.
Disposable Email Blocker – Contact Form 7 Developer Profile
32 plugins · 10K total installs
How We Detect Disposable Email Blocker – Contact Form 7
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/disposable-email-blocker-contact-form-7/admin/js/scripts.js/wp-content/plugins/disposable-email-blocker-contact-form-7/admin/css/style.css/wp-content/plugins/disposable-email-blocker-contact-form-7/public/js/scripts.js/wp-content/plugins/disposable-email-blocker-contact-form-7/admin/js/scripts.js/wp-content/plugins/disposable-email-blocker-contact-form-7/public/js/scripts.jsdisposable-email-blocker-contact-form-7/admin/css/style.css?ver=disposable-email-blocker-contact-form-7/admin/js/scripts.js?ver=disposable-email-blocker-contact-form-7/public/js/scripts.js?ver=HTML / DOM Fingerprints
debcf7_enabledebcf7_enabled