EPE Formetto – PDF Attachments for Contact Forms Security & Risk Analysis
wordpress.org/plugins/epe-formetto-pdf-attachments-for-contact-formsAutomatically attach a clean PDF of Contact Form 7 submissions to email, simple, lightweight, and secure.
Is EPE Formetto – PDF Attachments for Contact Forms Safe to Use in 2026?
Generally Safe
Score 100/100EPE Formetto – PDF Attachments for Contact Forms has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The "epe-formetto-pdf-attachments-for-contact-forms" plugin v1.0.1 exhibits a generally strong security posture based on the provided static analysis. The absence of any AJAX handlers, REST API routes, shortcodes, or cron events with unprotected entry points significantly limits the plugin's attack surface. Code analysis reveals a commitment to secure coding practices, with 100% of SQL queries using prepared statements and 99% of output being properly escaped. The presence of nonce and capability checks, although limited in number, further indicates an awareness of security fundamentals. The lack of any recorded CVEs, past or present, and no identified critical or high-severity taint flows are also positive indicators. However, the plugin does perform file operations and bundles the dompdf library, which, while not flagged as an issue here, warrants attention for potential future vulnerabilities or outdated versions. The limited number of entry points and absence of known vulnerabilities suggest a mature and well-maintained codebase, but vigilance regarding the bundled library and file operations is still recommended.
Key Concerns
- Bundled library (dompdf)
- File operations detected
EPE Formetto – PDF Attachments for Contact Forms Security Vulnerabilities
EPE Formetto – PDF Attachments for Contact Forms Release Timeline
EPE Formetto – PDF Attachments for Contact Forms Code Analysis
Bundled Libraries
Output Escaping
Data Flow Analysis
EPE Formetto – PDF Attachments for Contact Forms Attack Surface
WordPress Hooks 9
Maintenance & Trust
EPE Formetto – PDF Attachments for Contact Forms Maintenance & Trust
Maintenance Signals
Community Trust
EPE Formetto – PDF Attachments for Contact Forms Alternatives
PDF for Contact Form 7 + Drag and Drop Template Builder
pdf-for-contact-form-7
The plugin helps you create PDF for contact form 7 you can builder template pdf
Database Addon for Contact Form 7 – CFDB7
contact-form-cfdb7
Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.
ReCaptcha v2 for Contact Form 7
wpcf7-recaptcha
Adds reCaptcha v2 from Contact Form 7 5.0.5 that was dropped on Contact Form 7 5.1
Redirection for Contact Form 7
wpcf7-redirect
Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.
Conditional Fields for Contact Form 7
cf7-conditional-fields
Adds conditional logic to Contact Form 7.
EPE Formetto – PDF Attachments for Contact Forms Developer Profile
1 plugin · 0 total installs
How We Detect EPE Formetto – PDF Attachments for Contact Forms
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/epe-formetto-pdf-attachments-for-contact-forms/css/epe-formetto-pdf-attachments-style.css/wp-content/plugins/epe-formetto-pdf-attachments-for-contact-forms/js/epe-formetto-pdf-attachments.js/wp-content/plugins/epe-formetto-pdf-attachments-for-contact-forms/js/epe-formetto-pdf-attachments.jsepe-formetto-pdf-attachments-for-contact-forms/css/epe-formetto-pdf-attachments-style.css?ver=epe-formetto-pdf-attachments-for-contact-forms/js/epe-formetto-pdf-attachments.js?ver=HTML / DOM Fingerprints
cf7_pdf_gen_is_cf7_activecf7_pdf_gen_is_enabledcf7_pdf_gen_handle_submissioncf7_pdf_gen_attach_pdf_to_mailcf7_pdf_gen_mail_template_normalization