DocoDoco Contact Form 7 Extension Security & Risk Analysis
wordpress.org/plugins/docodoco-cf7-extensionContact Form 7 のフォームに、IPアドレスに基づく企業情報の自動入力機能を追加します。
Is DocoDoco Contact Form 7 Extension Safe to Use in 2026?
Generally Safe
Score 100/100DocoDoco Contact Form 7 Extension has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The plugin "docodoco-cf7-extension" v1.0.1 demonstrates an exceptionally strong security posture based on the provided static analysis and vulnerability history. The absence of any identified attack surface points like AJAX handlers, REST API routes, or shortcodes significantly reduces the potential for external manipulation. Furthermore, the code analysis reveals no dangerous functions, all SQL queries are properly prepared, output is consistently escaped, and file operations are minimal. The presence of a nonce check and the lack of untrusted input leading to sensitive operations in taint analysis further bolster its security.
The vulnerability history is also completely clean, with no recorded CVEs, indicating a consistent track record of secure development. The combination of a minimal attack surface, robust coding practices, and a clean vulnerability history suggests this plugin is well-secured. However, it's important to note that the absence of capability checks is a minor concern, as it doesn't explicitly restrict functionality based on user roles, though this is mitigated by the lack of any exploitable entry points.
Overall, this plugin appears to be highly secure. Its strengths lie in its minimal attack surface and diligent adherence to secure coding principles. The lack of any historical vulnerabilities reinforces this positive assessment. While the absence of explicit capability checks is a technical detail, it poses no immediate risk given the current architecture.
Key Concerns
- Missing capability checks
DocoDoco Contact Form 7 Extension Security Vulnerabilities
DocoDoco Contact Form 7 Extension Release Timeline
DocoDoco Contact Form 7 Extension Code Analysis
Output Escaping
Data Flow Analysis
DocoDoco Contact Form 7 Extension Attack Surface
WordPress Hooks 4
Maintenance & Trust
DocoDoco Contact Form 7 Extension Maintenance & Trust
Maintenance Signals
Community Trust
DocoDoco Contact Form 7 Extension Alternatives
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.
ReCaptcha v2 for Contact Form 7
wpcf7-recaptcha
Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1
Redirection for Contact Form 7
wpcf7-redirect
Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.
Conditional Fields for Contact Form 7
cf7-conditional-fields
Adds conditional logic to Contact Form 7.
Contact Form 7 – Dynamic Text Extension
contact-form-7-dynamic-text-extension
Extends Contact Form 7 by adding dynamic form fields that accepts shortcodes to prepopulate form fields with default values and dynamic placeholders.
DocoDoco Contact Form 7 Extension Developer Profile
3 plugins · 20 total installs
How We Detect DocoDoco Contact Form 7 Extension
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/docodoco-cf7-extension/admin/js/common-settings.js/wp-content/plugins/docodoco-cf7-extension/admin/js/how-to-use.js/wp-content/plugins/docodoco-cf7-extension/admin/css/how-to-use.css/wp-content/plugins/docodoco-cf7-extension/public/js/docodoco-cf7-extension.js//api.docodoco.jp/v6/docodocodocodoco-cf7-extension/admin/js/common-settings.js?ver=docodoco-cf7-extension/admin/js/how-to-use.js?ver=docodoco-cf7-extension/admin/css/how-to-use.css?ver=docodoco-cf7-extension/public/js/docodoco-cf7-extension.js?ver=HTML / DOM Fingerprints
[docodoco-cf7-extension]