[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fL4-SCRDLhkSUCUVkatFiOnmA8tvzt7_nfapYUf_MXlA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":17,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":138,"fingerprints":274},"feedback-extended","Feedback Extended","1.0.0","ehsan4php","https:\u002F\u002Fprofiles.wordpress.org\u002Fehsan4php\u002F","\u003Cp>With Contact Form active under Jetpack (1.3 or higher) this plugin will add a\u003Cbr \u002F>\nnew option in the “Feedback Management” area to reply to each message sent.\u003C\u002Fp>\n\u003Cp>When a visitor send an email using the Contact Form, the message is sent to\u003Cbr \u002F>\nemail of the site’s owner as well as stored under “Feedback Management” area.\u003Cbr \u002F>\nThis plugin lets users to reply directly from WP Admin using nice text editor.\u003C\u002Fp>\n\u003Cp>The emails are sent in HTML format and user can change the name and email\u003Cbr \u002F>\naddress the mail will be sent from.\u003C\u002Fp>\n","This plugin requires Jetpack 1.3 or up with Contact Form plugin active. This plugin will enable users to reply to feedbacks from the admin panel.",10,1796,0,"2013-02-04T15:34:00.000Z","3.5.2","2.8","",[19,20,21,22,23],"contact-form","extended","feedback","jetpack","reply","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeedback-extended.1.0.0.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},2,310,89,30,86,"2026-04-04T04:18:59.618Z",[37,63,85,104,120],{"slug":38,"name":39,"version":40,"author":41,"author_profile":42,"description":43,"short_description":44,"active_installs":45,"downloaded":46,"rating":47,"num_ratings":48,"last_updated":49,"tested_up_to":50,"requires_at_least":51,"requires_php":52,"tags":53,"homepage":58,"download_link":59,"security_score":60,"vuln_count":61,"unpatched_count":13,"last_vuln_date":62,"fetched_at":27},"pirate-forms","Contact Form & SMTP Plugin for WordPress by PirateForms","2.6.1","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Cp>\u003Cstrong>Pirate Forms is no longer under active development. We recommend using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\u002F\" rel=\"friend ugc\">WPForms\u003C\u002Fa> because it is the most beginner-friendly WordPress contact form plugin in the market.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>In Sep 2018, \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fwpforms-has-acquired-pirate-forms\u002F\" rel=\"friend nofollow ugc\">Pirate Forms was acquired by WPForms\u003C\u002Fa>. We’re retiring Pirate Forms in favor of the modern form builder by WPForms, so users can have access to best user experience and more powerful WordPress form features.\u003C\u002Fp>\n\u003Cp>Stay in touch with your visitors very easily. Pirate Contact Forms offers you a great and friendly contact form for your website.\u003Cbr \u002F>\nThis is an easy-to-use WordPress contact form with captcha plugin. To create a contact form you just need to use the [pirate_forms] shortcode or use the WordPress contact form widget.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Time-saving features available in the FULL WPForms version:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unlimited Forms\u003C\u002Fli>\n\u003Cli>Email Marketing Integrations (MailChimp, AWeber, Constant Contact, and more)\u003C\u002Fli>\n\u003Cli>Payment Integrations (PayPal and Stripe)\u003C\u002Fli>\n\u003Cli>Surveys & Polls Addon\u003C\u002Fli>\n\u003Cli>Conditional Logic\u003C\u002Fli>\n\u003Cli>User Registration, Geo-location, File Uploads, Multi-Page Forms, and a whole lot more.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=pirateformslite\" title=\"WPForms\" rel=\"friend nofollow ugc\">Learn more about WPForms Pro\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Cstrong>Why use our responsive WordPress Contact Form:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It’s easy to use\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This Contact Form 7 or any form builder alternative is very easy to set up. You can quickly create an engaging contact form by using a shortcode and copying it where you want it to appear.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>It’s fully customizable\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This WordPress Contact Form plugin allows you to customize everything you want. You can change the field labels and decide what message to tell your visitors when an error shows up. You can also decide which fields are required and which are not.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Provides reCaptcha\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Avoid spam messages and make sure the e-mails you receive are entirely addressed to you.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Comes with SMTP\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Pirate Form comes with basic SMTP options, so you won’t miss any email from your visitors. The messages will be safely delivered from the source to your personal e-mail address.\u003C\u002Fp>\n\u003Cp>However for a more reliable SMTP solution, we recommend using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-mail-smtp\u002F\" rel=\"ugc\">WP Mail SMTP by WPForms\u003C\u002Fa> which is the most popular WordPress SMTP solution being used by over 1 million websites.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Stores contacts in special databases\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can keep all the contacts in an archive by saving their e-mail addresses. Pirate Contact Form allows you to do that by providing contact databases.\u003C\u002Fp>\n\u003Cp>A simple to use contact form plugin for creating a clean contact form using the [pirate_forms] shortcode or the ‘Pirate Forms’ form widget.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Provides option to allow submitting the form using AJAX\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Standard contact forms work just fine, but you can make them nicer by using AJAX to submit the form data in the background.\u003C\u002Fp>\n\u003Cp>Pirate Forms allows you to take advantage of this great feature using the [pirate_forms ajax=”yes”] shortcode or the ‘Submit form using Ajax’ option in the Pirate Forms widget.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>What PirateForms isn’t for now\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is not a form maker or drag & drop builder plugin nor “the best contact form plugin”. You cannot add new fields or create multiple forms (subscription forms, payment, order, feedback or quote) with Pirate Forms.\u003C\u002Fp>\n\u003Cp>This is why we recommend using \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=pirateformslite\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> which is the most beginner friendly drag & drop WordPress form builder in the market.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pirate Forms is no longer under active development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Pirate Forms is no longer under active development. We recommend using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\u002F\" rel=\"friend ugc\">WPForms\u003C\u002Fa> because it is the most beginner-friendly WordPress contact form plugin in the market.\u003C\u002Fp>\n\u003Cp>In Sep 2018, \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fwpforms-has-acquired-pirate-forms\u002F\" rel=\"friend nofollow ugc\">Pirate Forms was acquired by WPForms\u003C\u002Fa>. We’re retiring Pirate Forms in favor of the moden form builder by WPForms, so users can have access to best user experience and more powerful WordPress form features.\u003C\u002Fp>\n\u003Ch4>What’s Next\u003C\u002Fh4>\n\u003Cp>You may also want to consider checking out our other projects:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F\" title=\"WPForms\" rel=\"friend nofollow ugc\">WPForms\u003C\u002Fa> – Best WordPress Contact Form Plugin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Foptinmonster.com\u002F\" title=\"OptinMonster\" rel=\"friend nofollow ugc\">OptinMonster\u003C\u002Fa> – Get More Email Subscribers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.monsterinsights.com\u002F\" title=\"MonsterInsights\" rel=\"friend nofollow ugc\">MonsterInsights\u003C\u002Fa> – Best Google Analytics Plugin for WordPress\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Visit \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" title=\"WPBeginner\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa> to learn from our \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fwp-tutorials\u002F\" title=\"WordPress Tutorials\" rel=\"friend nofollow ugc\">WordPress Tutorials\u003C\u002Fa> and find out about other \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fcategory\u002Fplugins\u002F\" title=\"Best WordPress Plugins\" rel=\"friend nofollow ugc\">best WordPress plugins\u003C\u002Fa>, \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002Fwordpress-hosting\u002F\" rel=\"friend nofollow ugc\">best WordPress hosting solutions\u003C\u002Fa>, and see our step by step guide on \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fstart-a-wordpress-blog\u002F\" rel=\"friend nofollow ugc\">how to start a blog\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>Pirate Forms was acquired by WPForms and is no longer being actively maintained.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>WPForms is absolutely, positively the most \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" title=\"Best WordPress contact form plugin\" rel=\"friend nofollow ugc\">beginner friendly WordPress contact form plugin\u003C\u002Fa> on the market. It is both easy and powerful.\u003C\u002Fp>\n\u003Cp>We took the pain out of creating online forms and made it easy. Check out all \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteversion\" rel=\"friend nofollow ugc\">WPForms features\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also, I’m the founder of \u003Ca href=\"http:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"friend nofollow ugc\">WPBeginner\u003C\u002Fa>, the largest WordPress resource site for beginners. It was a huge priority for me to make a WordPress contact form plugin that beginners can use without any training.\u003C\u002Fp>\n\u003Cp>I feel that we have done that here. I hope you enjoy using WPForms.\u003C\u002Fp>\n\u003Cp>Thank you\u003C\u002Fp>\n\u003Cp>Syed Balkhi\u003C\u002Fp>\n","A simple and effective WordPress contact form & SMTP plugin. Compatible with best themes out there, is both a secure and responsive contact form p &hellip;",30000,3808223,94,223,"2025-01-20T14:45:00.000Z","6.7.5","5.5","5.6",[19,54,55,56,57],"feedback-form","forms","smtp","subscribe-form","http:\u002F\u002Fthemeisle.com\u002Fplugins\u002Fpirate-forms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpirate-forms.2.6.1.zip",87,4,"2025-03-03 00:00:00",{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":47,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":52,"requires_php":76,"tags":77,"homepage":81,"download_link":82,"security_score":83,"vuln_count":30,"unpatched_count":13,"last_vuln_date":84,"fetched_at":27},"clean-and-simple-contact-form-by-meg-nicholas","Contact Form Clean and Simple","4.12.2","fullworks","https:\u002F\u002Fprofiles.wordpress.org\u002Ffullworks\u002F","\u003Cp>A clean and simple AJAX contact form with Google reCAPTCHA, flexible CSS framework support, spam filtering, and REST API support for headless WordPress implementations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean\u003C\u002Fstrong>: all user inputs are stripped in order to avoid cross-site scripting (XSS) vulnerabilities.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Simple\u003C\u002Fstrong>: AJAX enabled validation and submission for immediate response and guidance for your users (can be switched off).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexible Styling\u003C\u002Fstrong>: Choose your CSS framework – Bootstrap (default), Theme Native (inherits your theme’s styles), or Minimal (semantic classes for complete custom styling).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>REST API Support\u003C\u002Fstrong>: Enable headless WordPress implementations to submit forms via authenticated REST API endpoints.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Accessible\u003C\u002Fstrong>: Built with accessibility in mind – proper ARIA attributes, keyboard navigation, screen reader support, and WCAG AA compliant color contrast.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is a straightforward contact form for your WordPress site. There is very minimal set-up\u003Cbr \u002F>\nrequired. Simply install, activate, and then place the short code \u003Cstrong>[cscf-contact-form]\u003C\u002Fstrong> on your web page.\u003C\u002Fp>\n\u003Cp>A standard set of input boxes are provided, these include Email Address, Name, Message and a nice big ‘Send Message’ button.\u003C\u002Fp>\n\u003Cp>When your user has completed the form an email will be sent to you containing your user’s message.\u003Cbr \u002F>\nTo reply simply click the ‘reply’ button on your email client.\u003Cbr \u002F>\nThe email address used is the one you have set up in WordPress under ‘Settings’ -> ‘General’, so do check this is correct.\u003C\u002Fp>\n\u003Cp>To help prevent spam all data is scanned can be scanned with Fullworks Anti Spam Pro.\u003Cbr \u002F>\nFor this to work you must have the \u003Ca href=\"https:\u002F\u002Ffullworksplugins.com\u002Fproducts\u002Fanti-spam\u002F\" title=\"Fullworks Anti Spam Pro\" rel=\"nofollow ugc\">Fullworks Anti Spam Pro Plugin\u003C\u002Fa> installed and activated.\u003C\u002Fp>\n\u003Cp>Fullworks Anti Spam Pro will also log all your messages, categorized  as spam or not, automatically.\u003C\u002Fp>\n\u003Cp>For added piece of mind this plugin also allows you to add a ‘\u003Cstrong>reCAPTCHA\u003C\u002Fstrong>’.\u003Cbr \u002F>\nThis adds a picture of a couple of words to the bottom of the contact form.\u003Cbr \u002F>\nYour user must correctly type the words before the form can be submitted, and in so doing, prove that they are human.\u003C\u002Fp>\n\u003Ch4>Why Choose This Plugin?\u003C\u002Fh4>\n\u003Cp>Granted there are many plugins of this type in existence already. Why use this one in-particular?\u003C\u002Fp>\n\u003Cp>Here’s why:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Minimal setup. Simply activate the plugin and place the shortcode [cscf-contact-form] on any post or page.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Safe\u003C\u002Fstrong>. All input entered by your user  is stripped back to minimise as far as possible the likelihood of any\u003Cbr \u002F>\nmalicious user attempting to inject a script into your website.\u003Cbr \u002F>\nIf the Fullworks Anti Spam Pro plugin is activated all form data will be scanned for spam.\u003Cbr \u002F>\nYou can turn on reCAPTCHA to avoid your form being abused by bots, however Fullworks Anti Spam Pro will do this without reCAPTCHA.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Ajax enabled\u003C\u002Fstrong>. You have the option to turn on AJAX (client-side) validation and submission which gives your users an immediate response when completing the form without having to wait for the page to refresh.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The form can \u003Cstrong>integrate seamlessly into your website\u003C\u002Fstrong>. Turn off the plugin’s default css style sheet so that your theme’s style sheet can be used instead.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Flexible CSS styling\u003C\u002Fstrong>: Choose from Bootstrap, Modern (with dark mode), Theme Native, or Minimal styling modes to match your site’s design.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>This plugin will only link in its jQuery file where it’s needed, it \u003Cstrong>will not impose\u003C\u002Fstrong> itself on every page of your whole site!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Works with the \u003Cstrong>latest version of WordPress\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Original plugin written by an \u003Cstrong>experienced PHP programmer\u003C\u002Fstrong>, Megan Nicholas, the code is rock solid, safe, and rigorously tested as standard practice.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Headless WordPress ready\u003C\u002Fstrong>. REST API support allows you to submit forms from decoupled frontends, mobile apps, or any external application with proper authentication.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Hopefully this plugin will fulfil all your needs.\u003C\u002Fp>\n\u003Ch3>PHP 8 Ready\u003C\u002Fh3>\n\u003Cp>Tested on PHP 8.4\u003C\u002Fp>\n\u003Ch3>How to Use\u003C\u002Fh3>\n\u003Cp>Unless you want to change messages or add reCAPTCHA to your contact form then this plugin will work out of the box without any additional setup.\u003C\u002Fp>\n\u003Cp>Important: Check that you have an email address set-up in your WordPress ‘Settings’->’General’ page. This is the address that the plugin will use to send the contents of the contact form.\u003C\u002Fp>\n\u003Cp>To add the contact form to your WordPress website simply place the shortcode [cscf-contact-form] on the post or page that you wish the form to appear on.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>If you have Jetpack plugin installed disable the contact form otherwise the wrong form might display.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Additional Settings\u003C\u002Fh3>\n\u003Cp>This plugin will work out of the box without any additional setup. You have the option to change the default messages that are displayed to your user and to add reCAPTCHA capabilities.\u003C\u002Fp>\n\u003Cp>Go to the settings screen for the contact form plugin.\u003C\u002Fp>\n\u003Cp>You will find a link to the setting screen against the entry of this plugin on the ‘Installed Plugins’ page.\u003C\u002Fp>\n\u003Cp>Here is a list of things that you can change\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Message\u003C\u002Fstrong>: The message displayed to the user at the top of the contact form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Message Sent Heading\u003C\u002Fstrong>: The message heading or title displayed to the user after the message has been sent.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Message Sent Content\u003C\u002Fstrong>: The message content or body displayed to the user after the message has been sent.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>CSS Framework\u003C\u002Fstrong>: Choose how the form is styled:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Bootstrap (Default)\u003C\u002Fstrong>: Uses Bootstrap CSS classes for full Bootstrap compatibility. Best for themes already using Bootstrap.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Modern (Card style)\u003C\u002Fstrong>: A beautiful, opinionated modern design with card-style layout, large inputs, and CSS variables for easy customization. Includes automatic dark mode support.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Theme Native\u003C\u002Fstrong>: Uses minimal classes with WordPress’s wp-element-button for the submit button. The form inherits your theme’s native form styles.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Minimal\u003C\u002Fstrong>: Uses semantic CSS classes only (cscf-field, cscf-input, etc.) for complete custom styling control.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Use this plugin’s default stylesheet\u003C\u002Fstrong>: The plugin comes with a default style sheet to make the form look nice for your user. Untick this if you want to use your theme’s stylesheet instead. The default stylesheet will simply not be linked in. This option is most relevant when using the Bootstrap CSS framework.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Use client side validation (Ajax)\u003C\u002Fstrong>: When ticked the contact form will be validated and submitted on the client giving your user instant feedback if they have filled the form in incorrectly. If you wish the form to be validated and submitted only to the server then untick this option.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Use reCAPTCHA\u003C\u002Fstrong>: Tick this option if you wish your form to have a reCAPTCHA box. ReCAPTCHA helps to avoid spam bots using your form by checking that the form filler is actually a real person. To use reCAPTCHA you will need to get a some special keys from google https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fadmin\u002Fcreate. Once you have your keys enter them into the Public key and Private key boxes\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>reCAPTCHA Public Key\u003C\u002Fstrong>: Enter the public key that you obtained from here.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>reCAPTCHA Private Key\u003C\u002Fstrong>: Enter the private key that you obtained from here.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>reCAPTCHA Theme\u003C\u002Fstrong>: Here you can change the reCAPTCHA box theme so that it fits with the style of your website.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Recipient Emails\u003C\u002Fstrong>: The email address where you would like all messages to be sent.\u003Cbr \u002F>\nThis will default to the email address you have specified under ‘E-Mail Address’ in your WordPress General Settings.\u003Cbr \u002F>\nIf you want your mail sent to a different address then enter it here.\u003Cbr \u002F>\nYou may enter multiple email addresses by clicking the ‘+’ button.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Confirm Email Address\u003C\u002Fstrong>: Email confirmation is now optional. To force your user to re-type their email address tick ‘Confirm Email Address’.\u003Cbr \u002F>\nIt is recommended that you leave this option on. If you turn this option off your user will only have to enter their email address once,\u003Cbr \u002F>\nbut if they enter it incorrectly you will have no way of getting back to them!\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Email Subject\u003C\u002Fstrong>: This is the email subject that will appear on all messages. If you would like to set it to something different then enter it here.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Override ‘From’ Address\u003C\u002Fstrong>: If you tick this and then fill in the ‘From Address:’ box then all email will be sent from the given address NOT from the email address given by the form filler.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>**Option to allow enquiry to email themselves a copy of the message.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Contact consent\u003C\u002Fstrong>: This option allows you to be GDPR compliant by adding a ‘Consent to contact’ check box at the bottom of the form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Enable REST API\u003C\u002Fstrong>: Turn on REST API support to allow headless WordPress implementations to submit forms.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Required User Capability\u003C\u002Fstrong>: Set the minimum WordPress user capability required to use the REST API (default: edit_posts).\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>REST API for Headless WordPress\u003C\u002Fh3>\n\u003Cp>This plugin includes REST API support, making it perfect for headless WordPress implementations, mobile applications, and decoupled frontend frameworks like React, Vue.js, or Angular.\u003C\u002Fp>\n\u003Ch4>Enabling REST API\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Go to the plugin settings page\u003C\u002Fli>\n\u003Cli>Find the “REST API Settings” section\u003C\u002Fli>\n\u003Cli>Check “Enable REST API”\u003C\u002Fli>\n\u003Cli>Set the required user capability (default: edit_posts)\u003C\u002Fli>\n\u003Cli>Save your settings\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>API Endpoint\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>POST\u003C\u002Fstrong> \u003Ccode>\u002Fwp-json\u002Fcscf\u002Fv1\u002Fsubmit\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Authentication\u003C\u002Fh4>\n\u003Cp>The REST API requires WordPress user authentication. Users must be logged in and have the capability specified in settings (default: edit_posts).\u003C\u002Fp>\n\u003Cp>For headless implementations, you can use:\u003Cbr \u002F>\n– Application Passwords (WordPress 5.6+)\u003Cbr \u002F>\n– JWT Authentication plugins\u003Cbr \u002F>\n– OAuth plugins\u003Cbr \u002F>\n– Basic Authentication (development only)\u003C\u002Fp>\n\u003Ch4>Request Format\u003C\u002Fh4>\n\u003Cp>Send a POST request with JSON body:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>`json\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>{\u003Cbr \u002F>\n  “name”: “John Doe”,\u003Cbr \u002F>\n  “email”: “john@example.com”,\u003Cbr \u002F>\n  “confirm_email”: “john@example.com”,\u003Cbr \u002F>\n  “message”: “Your message here”,\u003Cbr \u002F>\n  “phone_number”: “+1234567890”,\u003Cbr \u002F>\n  “contact_consent”: true,\u003Cbr \u002F>\n  “email_sender”: false,\u003Cbr \u002F>\n  “post_id”: 123\u003Cbr \u002F>\n}\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Required fields:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ccode>name\u003C\u002Fcode>: Sender’s name\u003Cbr \u002F>\n– \u003Ccode>email\u003C\u002Fcode>: Sender’s email address\u003Cbr \u002F>\n– \u003Ccode>message\u003C\u002Fcode>: The message content\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Optional fields:\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Ccode>confirm_email\u003C\u002Fcode>: Required if email confirmation is enabled in settings\u003Cbr \u002F>\n– \u003Ccode>phone_number\u003C\u002Fcode>: Required if phone number is set as mandatory in settings\u003Cbr \u002F>\n– \u003Ccode>contact_consent\u003C\u002Fcode>: Required if contact consent is enabled in settings\u003Cbr \u002F>\n– \u003Ccode>email_sender\u003C\u002Fcode>: Set to true to send a copy to the sender\u003Cbr \u002F>\n– \u003Ccode>post_id\u003C\u002Fcode>: The ID of the page\u002Fpost where the form would normally be displayed\u003C\u002Fp>\n\u003Ch4>Response Format\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Success Response (200):\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Ccode>json\u003Cbr \u002F>\n{\u003Cbr \u002F>\n  \"success\": true,\u003Cbr \u002F>\n  \"message\": \"Message Sent\"\u003Cbr \u002F>\n}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Validation Error Response (400):\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Ccode>json\u003Cbr \u002F>\n{\u003Cbr \u002F>\n  \"code\": \"validation_failed\",\u003Cbr \u002F>\n  \"message\": \"Validation failed.\",\u003Cbr \u002F>\n  \"data\": {\u003Cbr \u002F>\n    \"status\": 400,\u003Cbr \u002F>\n    \"errors\": {\u003Cbr \u002F>\n      \"email\": \"Please enter a valid email address.\",\u003Cbr \u002F>\n      \"message\": \"Please enter a message.\"\u003Cbr \u002F>\n    }\u003Cbr \u002F>\n  }\u003Cbr \u002F>\n}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Authentication Error Response (401):\u003C\u002Fstrong>\u003Cbr \u002F>\n    \u003Ccode>json\u003Cbr \u002F>\n{\u003Cbr \u002F>\n  \"code\": \"rest_forbidden\",\u003Cbr \u002F>\n  \"message\": \"Authentication required.\",\u003Cbr \u002F>\n  \"data\": {\u003Cbr \u002F>\n    \"status\": 401\u003Cbr \u002F>\n  }\u003Cbr \u002F>\n}\u003C\u002Fcode>\u003C\u002Fp>\n\u003Ch4>Example Implementation\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>JavaScript (fetch API):\u003C\u002Fstrong>\u003Cbr \u002F>\n    `javascript\u003Cbr \u002F>\nconst formData = {\u003Cbr \u002F>\n  name: “John Doe”,\u003Cbr \u002F>\n  email: “john@example.com”,\u003Cbr \u002F>\n  confirm_email: “john@example.com”,\u003Cbr \u002F>\n  message: “This is a test message from the REST API”\u003Cbr \u002F>\n};\u003C\u002Fp>\n\u003Cp>fetch(‘https:\u002F\u002Fyoursite.com\u002Fwp-json\u002Fcscf\u002Fv1\u002Fsubmit’, {\u003Cbr \u002F>\n  method: ‘POST’,\u003Cbr \u002F>\n  headers: {\u003Cbr \u002F>\n    ‘Content-Type’: ‘application\u002Fjson’,\u003Cbr \u002F>\n    ‘Authorization’: ‘Bearer YOUR_AUTH_TOKEN’\u003Cbr \u002F>\n  },\u003Cbr \u002F>\n  body: JSON.stringify(formData)\u003Cbr \u002F>\n})\u003Cbr \u002F>\n.then(response => response.json())\u003Cbr \u002F>\n.then(data => {\u003Cbr \u002F>\n  if (data.success) {\u003Cbr \u002F>\n    console.log(‘Message sent successfully!’);\u003Cbr \u002F>\n  } else {\u003Cbr \u002F>\n    console.error(‘Validation errors:’, data.data.errors);\u003Cbr \u002F>\n  }\u003Cbr \u002F>\n});\u003Cbr \u002F>\n    `\u003C\u002Fp>\n\u003Ch4>Important Notes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>REST API is disabled by default for security\u003C\u002Fli>\n\u003Cli>reCAPTCHA is bypassed for REST API submissions (authentication provides security)\u003C\u002Fli>\n\u003Cli>All other form validations and spam filtering still apply\u003C\u002Fli>\n\u003Cli>Form submissions via REST API are processed identically to regular submissions\u003C\u002Fli>\n\u003Cli>Email notifications work the same way as standard form submissions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Demo\u003C\u002Fh3>\n\u003Cp>Demo site coming soon.\u003C\u002Fp>\n","A clean and simple contact form with flexible CSS framework support.",8000,546899,195,"2025-12-31T15:28:00.000Z","6.9.4","7.4",[78,79,19,54,80],"bootstrap","contact","form","https:\u002F\u002Ffullworks.net\u002Fproducts\u002Fclean-and-simple-contact-form","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fclean-and-simple-contact-form-by-meg-nicholas.4.12.2.zip",99,"2020-01-14 00:00:00",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":93,"downloaded":94,"rating":47,"num_ratings":95,"last_updated":96,"tested_up_to":97,"requires_at_least":98,"requires_php":99,"tags":100,"homepage":17,"download_link":102,"security_score":103,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"more-mails-for-cf7","More Mails for CF7","1.2.1","Roy Orbitson","https:\u002F\u002Fprofiles.wordpress.org\u002Flev0\u002F","\u003Cp>By default, Contact Form 7 has a limit of two distinct mail messages per form, though each can have multiple recipients. This plugin allows you to add as many as you need. It’s relatively simple, so does not include the automatic configuration error detection that the default mails have.\u003C\u002Fp>\n\u003Cp>If you only wish to send the same message to multiple recipients, you won’t need this plugin; instead use the \u003Cstrong>To\u003C\u002Fstrong> field, or add \u003Cem>Cc\u003C\u002Fem>\u002F\u003Cem>Bcc\u003C\u002Fem> headers in the \u003Cstrong>Additional Headers\u003C\u002Fstrong> field as per \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fadding-cc-bcc-and-other-mail-headers\u002F\" rel=\"nofollow ugc\">Contact Form 7’s documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Tested up to v6.1.2 of Contact Form 7.\u003C\u002Fp>\n","Extends the ubiquitous Contact Form 7 plugin to allow three or more messages.",500,5518,6,"2025-10-28T04:44:00.000Z","6.8.5","4.9.0","5.6.0",[79,19,101,21,80],"email","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmore-mails-for-cf7.1.2.1.zip",100,{"slug":105,"name":106,"version":6,"author":107,"author_profile":108,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":13,"num_ratings":13,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":52,"tags":116,"homepage":118,"download_link":119,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"cf7-countries","Contact Form 7 Countries","Max Law","https:\u002F\u002Fprofiles.wordpress.org\u002Fatelierlabo\u002F","\u003Cp>Country drop-down menu for Contact Form 7. Install the plugin and you will get “countries drop down” Form tag in CF7. The countries list is the same countries list used by WooCommerce.\u003C\u002Fp>\n","Country drop-down menu for Contact Form 7.",400,6718,"2019-02-24T15:45:00.000Z","5.1.22","3.0.1",[79,19,117,101,21],"contact-form-7","http:\u002F\u002Fcf7-countries","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-countries.1.0.zip",{"slug":121,"name":122,"version":115,"author":123,"author_profile":124,"description":125,"short_description":126,"active_installs":111,"downloaded":127,"rating":103,"num_ratings":128,"last_updated":129,"tested_up_to":75,"requires_at_least":130,"requires_php":131,"tags":132,"homepage":134,"download_link":135,"security_score":103,"vuln_count":136,"unpatched_count":13,"last_vuln_date":137,"fetched_at":27},"contact-form-x","Contact Form X","Jeff Starr","https:\u002F\u002Fprofiles.wordpress.org\u002Fspecialk\u002F","\u003Cp>Displays a user-friendly contact form that your visitors will love.\u003C\u002Fp>\n\u003Cp>CFX: Contact form reinvented. Fast and friendly. Fresh and clean. Awesome for everyone 🙂\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Overview\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Install, activate, and then display the form anywhere, using the widget, shortcode, or template tag. Here is an overview of Contact Form X:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>Simple and secure\u003C\u002Fli>\n\u003Cli>ADA and WCAG compliant\u003C\u002Fli>\n\u003Cli>Lightweight and super fast\u003C\u002Fli>\n\u003Cli>Provides multiple form styles\u003C\u002Fli>\n\u003Cli>Customize just about everything\u003C\u002Fli>\n\u003Cli>Display the contact form anywhere\u003C\u002Fli>\n\u003Cli>Add Checkbox, Radio, and Select fields\u003C\u002Fli>\n\u003Cli>Customize the order of all form fields\u003C\u002Fli>\n\u003Cli>Send email to multiple recipients\u003C\u002Fli>\n\u003Cli>Complete documentation via Help tab\u003C\u002Fli>\n\u003Cli>Excellent free plugin support 😎\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>“The famous spam filter SpamAssassin” scores CFX = zero spam!\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>For more details, check out the “Screenshots” section, below.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Form Fields\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Easily choose which fields to display in the form. Each field may be set as required, optional, or disabled. Choose from these fields:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Name\u003C\u002Fli>\n\u003Cli>Website\u003C\u002Fli>\n\u003Cli>Email\u003C\u002Fli>\n\u003Cli>Subject\u003C\u002Fli>\n\u003Cli>Custom Field 1 (can be dropdown, checkbox, radio, text, or phone number)\u003C\u002Fli>\n\u003Cli>Custom Field 2 (can be dropdown, checkbox, radio, text, or phone number)\u003C\u002Fli>\n\u003Cli>Custom Field 3 (can be dropdown, checkbox, radio, text, or phone number)\u003C\u002Fli>\n\u003Cli>Challenge Question\u003C\u002Fli>\n\u003Cli>Message\u003C\u002Fli>\n\u003Cli>Google reCaptcha (v2 or v3 Invisible)\u003C\u002Fli>\n\u003Cli>Cloudflare Turnstile (Invisible Captcha)\u003C\u002Fli>\n\u003Cli>Carbon Copy\u003C\u002Fli>\n\u003Cli>Agree to Terms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can change the order of these fields and customize their labels and placeholders, everything is super flexible.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For a live demo\u003C\u002Fstrong> of Contact Form X, visit my \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsupport\u002F#contact\" rel=\"nofollow ugc\">support page\u003C\u002Fa> at Plugin Planet, and also my \u003Ca href=\"https:\u002F\u002Fperishablepress.com\u002Fcontact\u002F\" rel=\"nofollow ugc\">contact page\u003C\u002Fa> at Perishable Press. Feel free to send a test email to see how it works, I won’t mind 😉 Also check out CFX in the “Screenshots” section (below) for a better idea of how the default form is styled out of the box.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Geeky Stuff\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Lots of goodness for the geeks among us:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Built with WordPress APIs\u003C\u002Fli>\n\u003Cli>Ajax-powered form submission\u003C\u002Fli>\n\u003Cli>Remembers all form data on error\u003C\u002Fli>\n\u003Cli>Cloudflare Turnstile (Invisible Captcha)\u003C\u002Fli>\n\u003Cli>Google reCaptcha (v2 or v3 Invisible)\u003C\u002Fli>\n\u003Cli>Drag\u002Fdrop ordering of all form fields\u003C\u002Fli>\n\u003Cli>View your email messages on the WP Dashboard\u003C\u002Fli>\n\u003Cli>Option to enable\u002Fdisable storing of email data in database\u003C\u002Fli>\n\u003Cli>Display form via widget, shortcode, or template tag\u003C\u002Fli>\n\u003Cli>Five CSS themes: Default, Classic, Micro, Synthetic, Dark\u003C\u002Fli>\n\u003Cli>Optionally disable all plugin styles and use your own CSS\u003C\u002Fli>\n\u003Cli>Optionally collect user data like IP, host, and referrer\u003C\u002Fli>\n\u003Cli>Works perfectly with or without Gutenberg Block Editor\u003C\u002Fli>\n\u003Cli>Focused on performance, security, and usability\u003C\u002Fli>\n\u003Cli>Include extra form and user info with each message\u003C\u002Fli>\n\u003Cli>Customize the form’s success and error messages\u003C\u002Fli>\n\u003Cli>Provides plenty of useful hooks for developers\u003C\u002Fli>\n\u003Cli>Targeted loading of CSS and JavaScript assets\u003C\u002Fli>\n\u003Cli>One-click remove email data from database\u003C\u002Fli>\n\u003Cli>One-click restore default options\u003C\u002Fli>\n\u003Cli>Translation ready\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Contact Form X is a fresh new, lighter alternative to the heavier contact forms out there. CFX is lightweight yet fully featured. As they say, “everything you want, nothing you don’t”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>To help protect user privacy, Contact Form X provides the following features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Agree to terms checkbox, customizable\u003C\u002Fli>\n\u003Cli>Choose which fields to include with the form\u003C\u002Fli>\n\u003Cli>Option to disable collection of user IP address and other data\u003C\u002Fli>\n\u003Cli>Note: this plugin uses cookies to enhance form functionality\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Basically, this plugin enables visitors to send a message via contact form. Any information the user enters into the form will be sent directly to the recipient(s) according to plugin settings. When enabled in the plugin settings, details about each sent message will be stored in the WordPress database. Visit the “Advanced” plugin settings to control and\u002For disable this and other data-collection features.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Note:\u003C\u002Fstrong> CFX provides an option to enable Google reCaptcha, which is provided by Google as a third-party service. For details on privacy and more, please refer to official documentation for \u003Ca href=\"https:\u002F\u002Fdevelopers.google.com\u002Frecaptcha\u002F\" rel=\"nofollow ugc\">Google reCaptcha\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Contact Form X is developed and maintained by \u003Ca href=\"https:\u002F\u002Fx.com\u002Fperishable\" rel=\"nofollow ugc\">Jeff Starr\u003C\u002Fa>, 15-year \u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002F\" rel=\"nofollow ugc\">WordPress developer\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002F\" rel=\"nofollow ugc\">book author\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Support development\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>I develop and maintain this free plugin with love for the WordPress community. To show support, you can \u003Ca href=\"https:\u002F\u002Fmonzillamedia.com\u002Fdonate.html\" rel=\"nofollow ugc\">make a donation\u003C\u002Fa> or purchase one of my books:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002F\" rel=\"nofollow ugc\">The Tao of WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fdigwp.com\u002F\" rel=\"nofollow ugc\">Digging into WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fhtaccessbook.com\u002F\" rel=\"nofollow ugc\">.htaccess made easy\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-tao.com\u002Fwordpress-themes-book\u002F\" rel=\"nofollow ugc\">WordPress Themes In Depth\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbooks.perishablepress.com\u002Fdownloads\u002Fwizards-collection-sql-recipes-wordpress\u002F\" rel=\"nofollow ugc\">Wizard’s SQL Recipes for WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>And\u002For purchase one of my premium WordPress plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbbq-pro\u002F\" rel=\"nofollow ugc\">BBQ Pro\u003C\u002Fa> – Blazing fast WordPress firewall\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fblackhole-pro\u002F\" rel=\"nofollow ugc\">Blackhole Pro\u003C\u002Fa> – Automatically block bad bots\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fbanhammer-pro\u002F\" rel=\"nofollow ugc\">Banhammer Pro\u003C\u002Fa> – Monitor traffic and ban the bad guys\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fga-google-analytics-pro\u002F\" rel=\"nofollow ugc\">GA Google Analytics Pro\u003C\u002Fa> – Connect WordPress to Google Analytics\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fhead-meta-pro\u002F\" rel=\"nofollow ugc\">Head Meta Pro\u003C\u002Fa> – Ultimate Meta Tags for WordPress\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fsimple-ajax-chat-pro\u002F\" rel=\"nofollow ugc\">Simple Ajax Chat Pro\u003C\u002Fa> – Unlimited chat rooms\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fplugin-planet.com\u002Fusp-pro\u002F\" rel=\"nofollow ugc\">USP Pro\u003C\u002Fa> – Unlimited front-end forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Links, tweets and likes also appreciated. Thanks! 🙂\u003C\u002Fp>\n","Displays a user-friendly contact form that your visitors will love. Lightweight, fast, secure, and accessible (ADA\u002FWCAG compliant).",19839,32,"2026-02-16T00:10:00.000Z","4.7","5.6.20",[133,79,19,101,21],"ajax","https:\u002F\u002Fperishablepress.com\u002Fcontact-form-x\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-x.3.0.1.zip",1,"2022-02-25 15:41:00",{"attackSurface":139,"codeSignals":162,"taintFlows":231,"riskAssessment":257,"analyzedAt":273},{"hooks":140,"ajaxHandlers":153,"restRoutes":159,"shortcodes":160,"cronEvents":161,"entryPointCount":136,"unprotectedCount":136},[141,148],{"type":142,"name":143,"callback":144,"priority":145,"file":146,"line":147},"action","manage_posts_custom_column","feedback_extended_columns",11,"feedback_extended.php",17,{"type":149,"name":150,"callback":151,"file":146,"line":152},"filter","wp_mail_content_type","anonymous",33,[154],{"action":155,"nopriv":156,"callback":157,"hasNonce":156,"hasCapCheck":156,"file":146,"line":158},"send_feedback_reply",false,"feedback_extended_send_feedback_reply",18,[],[],[],{"dangerousFunctions":163,"sqlUsage":167,"outputEscaping":169,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":230},[164],{"fn":165,"file":146,"line":152,"context":166},"create_function","add_filter('wp_mail_content_type', create_function('', 'return \"text\u002Fhtml\";'));",{"prepared":13,"raw":13,"locations":168},[],{"escaped":170,"rawEcho":33,"locations":171},8,[172,175,177,179,180,181,183,185,187,189,191,193,194,196,198,200,202,204,206,208,210,212,214,216,218,220,222,224,226,228],{"file":146,"line":173,"context":174},51,"raw output",{"file":146,"line":176,"context":174},52,{"file":146,"line":178,"context":174},60,{"file":146,"line":32,"context":174},{"file":146,"line":32,"context":174},{"file":146,"line":182,"context":174},93,{"file":146,"line":184,"context":174},101,{"file":146,"line":186,"context":174},106,{"file":146,"line":188,"context":174},115,{"file":146,"line":190,"context":174},120,{"file":146,"line":192,"context":174},138,{"file":146,"line":192,"context":174},{"file":146,"line":195,"context":174},140,{"file":146,"line":197,"context":174},141,{"file":146,"line":199,"context":174},143,{"file":146,"line":201,"context":174},144,{"file":146,"line":203,"context":174},166,{"file":146,"line":205,"context":174},167,{"file":146,"line":207,"context":174},172,{"file":146,"line":209,"context":174},173,{"file":146,"line":211,"context":174},174,{"file":146,"line":213,"context":174},175,{"file":146,"line":215,"context":174},176,{"file":146,"line":217,"context":174},177,{"file":146,"line":219,"context":174},178,{"file":146,"line":221,"context":174},179,{"file":146,"line":223,"context":174},182,{"file":146,"line":225,"context":174},184,{"file":146,"line":227,"context":174},185,{"file":146,"line":229,"context":174},188,[],[232],{"entryPoint":233,"graph":234,"unsanitizedCount":255,"severity":256},"\u003Cfeedback_extended> (feedback_extended.php:0)",{"nodes":235,"edges":251},[236,241,246,249],{"id":237,"type":238,"label":239,"file":146,"line":240},"n0","source","$_POST (x24)",21,{"id":242,"type":243,"label":244,"file":146,"line":32,"wp_function":245},"n1","sink","echo() [XSS]","echo",{"id":247,"type":238,"label":248,"file":146,"line":240},"n2","$_POST",{"id":250,"type":243,"label":244,"file":146,"line":221,"wp_function":245},"n3",[252,253],{"from":237,"to":242,"sanitized":156},{"from":247,"to":250,"sanitized":254},true,24,"low",{"summary":258,"deductions":259},"The feedback-extended v1.0.0 plugin exhibits a concerning security posture primarily due to a lack of authentication checks on its sole entry point.  The static analysis reveals one AJAX handler that is not protected by any authentication or capability checks, creating a significant attack surface. This unprotected endpoint is a direct path for unauthorized users to interact with the plugin's functionality, potentially leading to unintended consequences.\n\nWhile the plugin demonstrates good practices in other areas, such as using prepared statements for all SQL queries and avoiding file operations and external HTTP requests, these strengths are overshadowed by the fundamental security flaw in its AJAX handling.  The presence of a dangerous function like `create_function` is also a red flag, though the taint analysis did not identify any critical or high-severity issues stemming from it.  The absence of any recorded vulnerabilities in its history is positive, suggesting that past versions might not have had exploitable flaws, or they were not publicly disclosed. However, this historical lack of vulnerabilities should not breed complacency given the identified code-level risks.\n\nIn conclusion, the \"feedback-extended\" plugin's security is severely compromised by its unprotected AJAX endpoint. While it benefits from secure SQL practices and avoids certain risky operations, the critical flaw in its entry point makes it a high risk. The lack of historical vulnerabilities is a minor positive but does not mitigate the immediate risks identified in the code.",[260,262,265,268,271],{"reason":261,"points":11},"Unprotected AJAX handler",{"reason":263,"points":264},"Dangerous function create_function used",3,{"reason":266,"points":267},"Low percentage of properly escaped output",5,{"reason":269,"points":270},"Missing Nonce check on AJAX handler",7,{"reason":272,"points":270},"Missing Capability check on AJAX handler","2026-03-17T01:23:02.930Z",{"wat":275,"direct":284},{"assetPaths":276,"generatorPatterns":278,"scriptPaths":279,"versionParams":281},[277],"\u002Fwp-content\u002Fplugins\u002Ffeedback-extended\u002Ffeedback-extended.css",[],[280],"\u002Fwp-content\u002Fplugins\u002Ffeedback-extended\u002Ffeedback-extended.js",[282,283],"feedback-extended\u002Ffeedback-extended.css?ver=","feedback-extended\u002Ffeedback-extended.js?ver=",{"cssClasses":285,"htmlComments":287,"htmlAttributes":289,"restEndpoints":308,"jsGlobals":309,"shortcodeOutput":312},[23,286],"submitdelete",[288],"\u003C!-- more -->",[290,291,292,293,294,295,296,297,298,299,300,301,302,303,304,305,306,307],"id=\"fe_reply_area_","id=\"com-reply","id=\"replyrow","id=\"com-reply-","id=\"replyhead","id=\"edithead","id=\"sender-name-","id=\"sender-email-","id=\"recipient-name-","id=\"recipient-email-","id=\"replycontainer","id=\"replycontent-","id=\"initial_message_","id=\"replysubmit","id=\"fe_form_","id=\"replybtn","id=\"waiting","id=\"msg",[],[310,311],"feFeedbackReply","window.feFeedbackReply",[]]