Does Duplicate Killer – Prevent Duplicate Form Submissions have any unpatched vulnerabilities?

No. All known vulnerabilities in Duplicate Killer – Prevent Duplicate Form Submissions have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Duplicate Killer – Prevent Duplicate Form Submissions compatible with WordPress 6.9.4?

According to WordPress.org data, Duplicate Killer – Prevent Duplicate Form Submissions 1.5.3 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Duplicate Killer – Prevent Duplicate Form Submissions compatible with PHP 5.6.20+?

Duplicate Killer – Prevent Duplicate Form Submissions requires PHP 5.6.20 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

Duplicate Killer – Prevent Duplicate Form Submissions Security & Risk Analysis

wordpress.org/plugins/duplicate-killer

Block duplicate form submissions by validating unique email, phone and text fields — without CAPTCHA.

1K active installs v1.5.3 PHP 5.6.20+ WP 5.2+ Updated Mar 9, 2026

contact-form-7duplicate-submissionsduplicate-orderselementor-formswoocommerce

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Duplicate Killer – Prevent Duplicate Form Submissions Safe to Use in 2026?

Generally Safe

Score 100/100

Duplicate Killer – Prevent Duplicate Form Submissions has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 25d ago

Risk Assessment

The "duplicate-killer" v1.5.3 plugin presents a mixed security posture. On the positive side, it demonstrates good practices by having no known CVEs, a low number of file operations, and no external HTTP requests. The plugin also incorporates nonce and capability checks, and a high percentage of its SQL queries are properly prepared, indicating an effort to prevent common injection vulnerabilities. However, several concerning signals emerge from the static analysis. The presence of the `unserialize` function is a significant risk, as it can lead to Remote Code Execution if used with untrusted input. Furthermore, the taint analysis reveals three flows with unsanitized paths classified as high severity, suggesting potential vulnerabilities where user-controlled data could be used in a dangerous way. While there's no historical vulnerability data, these specific code signals warrant attention.

Key Concerns

Dangerous function 'unserialize' used
High severity taint flows with unsanitized paths (3)
File operations present

Vulnerabilities

None known

Duplicate Killer – Prevent Duplicate Form Submissions Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Duplicate Killer – Prevent Duplicate Form Submissions Code Analysis

Dangerous Functions

Raw SQL Queries

24 prepared

Unescaped Output

424 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$form_value = unserialize($row->form_value);includes\functions_cf7.php:69

unserialize$form_value = unserialize($row->form_value);includes\functions_forminator.php:114

unserialize$form_value = unserialize($row->form_value);includes\functions_wpforms.php:60

SQL Query Safety

83% prepared29 total queries

Output Escaping

82% escaped519 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

5 flows3 with unsanitized paths

list_table_page (includes\database.php:12)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Duplicate Killer – Prevent Duplicate Form Submissions Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 27

actionadmin_initfunction.php:37

actionadmin_initfunction.php:38

actionadmin_noticesfunction.php:39

actionupgrader_process_completefunction.php:75

actionadmin_enqueue_scriptsfunction.php:250

actionadmin_menufunction.php:296

actionadmin_initfunction.php:422

actionadmin_initincludes\class-duplicateKiller-woocommerce.php:20

actioninitincludes\class-duplicateKiller-woocommerce.php:23

actionwoocommerce_after_checkout_validationincludes\class-duplicateKiller-woocommerce.php:195

actionwoocommerce_checkout_order_processedincludes\class-duplicateKiller-woocommerce.php:197

actionwp_enqueue_scriptsincludes\dk-cookie-loader.php:14

filterbreakdance_form_run_action_store_submissionincludes\functions_breakdance.php:4

filterbreakdance_form_run_action_emailincludes\functions_breakdance.php:5

filtercf7_custom_form_invalid_form_messageincludes\functions_cf7.php:44

actionwpcf7_before_send_mailincludes\functions_cf7.php:155

actionelementor_pro/forms/validationincludes\functions_elementor.php:4

actionelementor_pro/forms/new_recordincludes\functions_elementor.php:147

filterfrm_validate_entryincludes\functions_formidable.php:4

actionforminator_custom_form_submit_before_set_fieldsincludes\functions_forminator.php:4

actionforminator_custom_form_submit_errorsincludes\functions_forminator.php:63

filterforminator_custom_form_invalid_form_messageincludes\functions_forminator.php:79

actionninja_forms_loadedincludes\functions_ninjaforms.php:8

filterninja_forms_run_action_settingsincludes\functions_ninjaforms.php:9

filterninja_forms_submit_dataincludes\functions_ninjaforms.php:29

actionwpforms_processincludes\functions_wpforms.php:4

filterwpforms_custom_form_invalid_form_messageincludes\functions_wpforms.php:29

Maintenance & Trust

Duplicate Killer – Prevent Duplicate Form Submissions Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 9, 2026

PHP min version5.6.20

Downloads19K

Community Trust

Rating100/100

Number of ratings3

Active installs1K

Alternatives

Duplicate Killer – Prevent Duplicate Form Submissions Alternatives

Invisible reCaptcha for WordPress

invisible-recaptcha

Invisible reCaptcha for WordPress plugin helps you to protect your sites against bad spam bots using the new Invisible reCaptcha by Google.

90K No CVEs

Database for Contact Form 7, WPforms, Elementor forms

contact-form-entries

Saves Contact Form 7, WPforms,Elementor Forms, CRM Perks Forms and many other contact form submissions to database.

70K 13 CVEs

AFI – The Easiest Integration Plugin

advanced-form-integration

Connect any WordPress form or event to 200+ apps — no code. Send leads, orders, and signups to your CRM, email, or sheets in minutes.

10K 8 CVEs

$WP Advanced Math Captcha$

WP Advanced Math Captcha

wp-advanced-math-captcha

100

Protect your WordPress site with a powerful and user-friendly Math Captcha. Now with seamless WooCommerce, WPForms, and Formidable Forms integration!

7K No CVEs

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation

get-a-quote-button-for-woocommerce

Request a Quote for WooCommerce and Elementor plugin shows a Contact Form 7 or WPForms popup on button click. Quote for WooCommerce, price on request.

6K 1 CVE

Developer Profile

Duplicate Killer – Prevent Duplicate Form Submissions Developer Profile

NIA

2 plugins · 1K total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Duplicate Killer – Prevent Duplicate Form Submissions

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/duplicate-killer/css/dk-backend.css/wp-content/plugins/duplicate-killer/css/dk-frontend.css/wp-content/plugins/duplicate-killer/js/dk-script.js

Script Paths

/wp-content/plugins/duplicate-killer/js/dk-script.js

Version Parameters

duplicate-killer/css/dk-backend.css?ver=duplicate-killer/css/dk-frontend.css?ver=duplicate-killer/js/dk-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

dk-row

HTML Comments

Data Attributes

data-dk-id

JS Globals

duplicateKiller

FAQ