[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fws1PgYQ2pFv-AjKmdDysICHX3-OgdvALnjcGi-P2zT0":3,"$fbRxsX6PhBbDFGxZBPR1AkoK7ks4u3QIMKuLNJu2Mt-E":911,"$fbtwxKbTwSzSh1UOFi_VKqPa7_GjyyemYvPwTdRuW9Xg":915},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":50,"crawl_stats":37,"alternatives":58,"analysis":171,"fingerprints":888},"filled-in","Filled In","1.9.6","FolioVision","https:\u002F\u002Fprofiles.wordpress.org\u002Ffoliovision\u002F","\u003Cp>Filled In is  a generic form processing plugin that will validate and store data submitted through forms. You can use it for any kind of data input, from simple contact forms on a blog to full-blown questionnaires on a business site.\u003C\u002Fp>\n\u003Cp>Features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Customizable data filters and data processors\u003C\u002Fli>\n\u003Cli>Central data storage, with exports to CSV and XML\u003C\u002Fli>\n\u003Cli>Email reporting, with attachments and inline images\u003C\u002Fli>\n\u003Cli>AJAX support (forms always work in browsers without JavaScript)\u003C\u002Fli>\n\u003Cli>Built-in CAPTCHA support\u003C\u002Fli>\n\u003Cli>Built-in poMMo mailing list support\u003C\u002Fli>\n\u003Cli>Built-in file upload support\u003C\u002Fli>\n\u003Cli>Easy to build custom extensions\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Filled In is available in:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003Cli>Danish, thanks to Georg S. Adamsen\u003C\u002Fli>\n\u003Cli>Polish, thanks to Kasia\u003C\u002Fli>\n\u003Cli>Italian, thanks to Simone Righini\u003C\u002Fli>\n\u003Cli>French, thanks to Zesty\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Full documentation can be found on the \u003Ca href=\"http:\u002F\u002Furbangiraffe.com\u002Fplugins\u002Ffilled-in\u002F\" rel=\"nofollow ugc\">Filled In\u003C\u002Fa> page.\u003C\u002Fp>\n","Generic form processor allowing forms to be painlessly processed and aggregated, with numerous options to validate data and perform custom commands",20,14574,66,3,"2025-11-26T16:54:00.000Z","6.7.5","2.7","",[20,21,22],"contact","form","validate","http:\u002F\u002Furbangiraffe.com\u002Fplugins\u002Ffilled-in\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.zip",99,1,0,"2025-02-11 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[32],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":39,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":28,"updated_date":44,"references":45,"days_to_patch":47,"patch_diff_files":48,"patch_trac_url":37,"research_status":37,"research_verified":49,"research_rounds_completed":27,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":49,"poc_model_used":37,"poc_verification_depth":37},"CVE-2025-22628","filled-in-cross-site-request-forgery-to-stored-cross-site-scripting","Filled In \u003C= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting","The Filled In plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",null,"\u003C=1.9.2","1.9.3","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2025-04-21 14:48:38",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8321c669-af27-4454-ab7a-374de4f149cf?source=api-prod",70,[],false,{"slug":51,"display_name":7,"profile_url":8,"plugin_count":52,"total_installs":53,"avg_security_score":54,"avg_patch_time_days":55,"trust_score":56,"computed_at":57},"foliovision",19,47700,93,1098,74,"2026-05-19T20:03:52.703Z",[59,82,102,125,148],{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":26,"last_updated":70,"tested_up_to":71,"requires_at_least":72,"requires_php":18,"tags":73,"homepage":79,"download_link":80,"security_score":81,"vuln_count":27,"unpatched_count":27,"last_vuln_date":37,"fetched_at":29},"block-email-cf7","Contact Form 7 – Blacklist Unwanted Email","1.1.0","abahalkar","https:\u002F\u002Fprofiles.wordpress.org\u002Fabahalkar\u002F","\u003Ch4>Description\u003C\u002Fh4>\n\u003Cp>Contact form 7 – Blacklist unwanted email plugin is designed to restrict Blacklisted, Spam, Generic and Competitor Email domains preventing your valuable downloadable resources or limiting registrations on your website blogs. The plugin is Free and allows blacklisting of around 4750+ free and unwanted domains. Whether you have a small startup or an established online portal you can use our plugin to restrict your undesired subscribers.\u003C\u002Fp>\n\u003Cp>Through CF7 – Blacklist unwanted emails plugin, site admin can manage email field validation. Create a list of unwanted email domains that could cause a validation error and block them e.g. Gmail.com, Yahoo.com, Live.com or Competitorsdomain.com, etc.\u003C\u002Fp>\n\u003Cp>Default settings can be added in the ‘Block Email CF7’ > Enter ‘List of Email Fields to Validate’ > Enter ‘Default Error Message’ > Enter ‘List of Domains to be Blocked\u002FBlacklisted’ followed by a comma.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Allowed only Business or Company email submission.\u003C\u002Fli>\n\u003Cli>Restrict free domains email (likes gmail.com, yahoo.com etc.) from registrations and submissions of forms.\u003C\u002Fli>\n\u003Cli>Block to registrations and submissions of specific form.\u003C\u002Fli>\n\u003Cli>Block a specific email field in case there are multiple email fields in the form.\u003C\u002Fli>\n\u003Cli>Inbuilt plugin functionalities offers blacklisting around 4750+ free and spam domains. \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more details please visit [Official website:]( \u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwpprml\" rel=\"nofollow ugc\"> http:\u002F\u002Fwpstudio.org \u003C\u002Fa> )\u003C\u002Fp>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>Here is a demo link for this plugin:\u003Ca href=\"http:\u002F\u002Frebrand.ly\u002Fwppdl\" rel=\"nofollow ugc\">DEMO\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Enjoy! And please don’t forget to rate and ask for support if you face any troubles.\u003C\u002Fp>\n","This is a free add-on plugin for contact form 7, which validates the email field and restrict unwanted email submission as well as allowed only busine &hellip;",400,6137,100,"2019-10-15T18:53:00.000Z","5.3.21","4.2",[74,75,76,77,78],"blacklist-email-domain-for-contact-form-7","block-email-domain-for-contact-form-7","cf7","restrict-email-domain-submission-for-contact-form-7","validate-email-domain-for-contact-form-7","http:\u002F\u002Fwpstudio.org\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fblock-email-cf7.1.1.1.zip",85,{"slug":83,"name":84,"version":85,"author":86,"author_profile":87,"description":88,"short_description":89,"active_installs":27,"downloaded":90,"rating":27,"num_ratings":27,"last_updated":91,"tested_up_to":92,"requires_at_least":93,"requires_php":94,"tags":95,"homepage":99,"download_link":100,"security_score":81,"vuln_count":27,"unpatched_count":27,"last_vuln_date":37,"fetched_at":101},"integrate-cf7-thecheckerco","Integrate Contact Form 7 with TheChecker.co","1.0","jaworowicz","https:\u002F\u002Fprofiles.wordpress.org\u002Fjaworowicz\u002F","\u003Cp>This plugin validate email in Contact From 7\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fthechecker.co\u002F?coupon=JAWOROWICZ\" rel=\"nofollow ugc\">TheChecker.co\u003C\u002Fa>\u003Cbr \u002F>\nRemove spam traps, fake, invalid, old and unused email addresses using our website or API and thus prevent bad reputation penalties from your email service provider.\u003C\u002Fp>\n\u003Cp>Officially approved integration.\u003C\u002Fp>\n\u003Cp>Use:\u003Cbr \u002F>\n1) Enter the Public API Code to Themes > TheChecker.co CF7\u003Cbr \u002F>\n2) Add or edit existing Contact form and put the shortcode\u003Cbr \u002F>\n\\'[email* email class:thechecker-input]\\’\u003Cbr \u002F>\nor add a \\’class:thechecker-input\\’ to existing email shortcode\u003Cbr \u002F>\nor Use a shortcode generator \\’emailchecker\\’\u003Cbr \u002F>\n3) Save Form\u003Cbr \u002F>\n4) Preview and done!\u003C\u002Fp>\n\u003Cp>For Expert Uses:\u003Cbr \u002F>\nYou can fully customize your widget and validiations error just setting some params in javascript.\u003C\u002Fp>\n\u003Cp>Full instruction and review (Lang PL):\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fjaworowi.cz\u002Fthechecker-co-wordpress-10432.php\" rel=\"nofollow ugc\">http:\u002F\u002Fjaworowi.cz\u002Fthechecker-co-wordpress-10432.php\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Free 1000 credit \u002F 1000 email check for new users:\u003Cbr \u002F>\nUse JAWOROWICZ coupon code in signup form or \u003Ca href=\"https:\u002F\u002Fthechecker.co\u002F?coupon=JAWOROWICZ\" rel=\"nofollow ugc\">this link\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>The plugin and integration work fully with SalesManago CF7 Integration.\u003C\u002Fp>\n","TheChecker.co integration for Contact Form 7",1073,"2018-04-24T01:10:00.000Z","4.9.29","4.7","5.6",[96,97,98],"contact-form-7","thechecker-io","validate-email","http:\u002F\u002Fjaworowi.cz\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegrate-cf7-thecheckerco.zip","2026-04-06T09:54:40.288Z",{"slug":96,"name":103,"version":104,"author":105,"author_profile":106,"description":107,"short_description":108,"active_installs":109,"downloaded":110,"rating":111,"num_ratings":112,"last_updated":113,"tested_up_to":114,"requires_at_least":115,"requires_php":116,"tags":117,"homepage":120,"download_link":121,"security_score":122,"vuln_count":123,"unpatched_count":27,"last_vuln_date":124,"fetched_at":29},"Contact Form 7","6.1.5","Rock Lobster Inc.","https:\u002F\u002Fprofiles.wordpress.org\u002Frocklobsterinc\u002F","\u003Cp>Contact Form 7 is a plugin designed to be a practical tool for all WordPress users who embrace the philosophy of free and open source software. It employs sophisticatedly modularized architecture and its original \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fschema-woven-validation\u002F\" rel=\"nofollow ugc\">Schema-Woven Validation\u003C\u002Fa> technology.\u003C\u002Fp>\n\u003Ch4>Docs and support\u003C\u002Fh4>\n\u003Cp>You can find \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fdocs\u002F\" rel=\"nofollow ugc\">docs\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa> and more detailed information about Contact Form 7 on \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002F\" rel=\"nofollow ugc\">contactform7.com\u003C\u002Fa>. When you cannot find the answer to your question on the FAQ or in any of the documentation, check the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fcontact-form-7\u002F\" rel=\"ugc\">support forum\u003C\u002Fa> on WordPress.org. If you cannot locate any topics that pertain to your particular issue, post a new topic for it.\u003C\u002Fp>\n\u003Ch4>Contact Form 7 needs your support\u003C\u002Fh4>\n\u003Cp>It is hard to continue to maintain this plugin without support from users like you. There are several ways for you to \u003Ca href=\"https:\u002F\u002Fcontactform7.com\u002Fcontributing\u002F\" rel=\"nofollow ugc\">contribute to the project\u003C\u002Fa>: testing, coding, translating it into your local languages, helping other users, financial donations, etc, etc. We equally welcome you regardless of the way you contribute.\u003C\u002Fp>\n\u003Ch4>Privacy notices\u003C\u002Fh4>\n\u003Cp>With the default configuration, this plugin, in itself, does not:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>track users by stealth;\u003C\u002Fli>\n\u003Cli>write any user personal data to the database;\u003C\u002Fli>\n\u003Cli>send any data to external servers;\u003C\u002Fli>\n\u003Cli>use cookies.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you activate certain features in this plugin, the contact form submitter’s personal data, including their IP address, may be sent to the service provider. Thus, confirming the provider’s privacy policy is recommended. These features include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>reCAPTCHA (\u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002F?hl=en\" rel=\"nofollow ugc\">Google\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>Akismet (\u003Ca href=\"https:\u002F\u002Fautomattic.com\u002Fprivacy\u002F\" rel=\"nofollow ugc\">Automattic\u003C\u002Fa>)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.constantcontact.com\u002Flegal\u002Fprivacy-center\" rel=\"nofollow ugc\">Constant Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.brevo.com\u002Flegal\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Brevo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fstripe.com\u002Fprivacy\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Turnstile (\u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fturnstile-privacy-policy\u002F\" rel=\"nofollow ugc\">Cloudflare\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n","Just another contact form plugin. Simple but flexible.",10000000,411657681,80,2161,"2026-02-08T09:32:00.000Z","6.9.4","6.7","7.4",[118,119],"contact-form","schema-woven-validation","https:\u002F\u002Fcontactform7.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7.6.1.5.zip",92,8,"2025-04-15 16:56:22",{"slug":126,"name":127,"version":94,"author":128,"author_profile":129,"description":130,"short_description":131,"active_installs":132,"downloaded":133,"rating":134,"num_ratings":135,"last_updated":136,"tested_up_to":114,"requires_at_least":137,"requires_php":138,"tags":139,"homepage":144,"download_link":145,"security_score":25,"vuln_count":146,"unpatched_count":27,"last_vuln_date":147,"fetched_at":29},"akismet","Akismet Anti-spam: Spam Protection","Automattic","https:\u002F\u002Fprofiles.wordpress.org\u002Fautomattic\u002F","\u003Cp>The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.\u003C\u002Fp>\n\u003Cp>Akismet checks your comments and contact form submissions against our global database of spam to prevent your site from publishing malicious content. You can review the comment spam it catches on your blog’s “Comments” admin screen.\u003C\u002Fp>\n\u003Cp>Major features in Akismet include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Automatically checks all comments and filters out the ones that look like spam.\u003C\u002Fli>\n\u003Cli>Each comment has a status history, so you can easily see which comments were caught or cleared by Akismet and which were spammed or unspammed by a moderator.\u003C\u002Fli>\n\u003Cli>URLs are shown in the comment body to reveal hidden or misleading links.\u003C\u002Fli>\n\u003Cli>Moderators can see the number of approved comments for each user.\u003C\u002Fli>\n\u003Cli>A discard feature that outright blocks the worst spam, saving you disk space and speeding up your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>PS: You’ll be prompted to get an Akismet.com API key to use it, once activated. Keys are free for personal blogs; paid subscriptions are available for businesses and commercial sites.\u003C\u002Fp>\n","The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.",6000000,387141886,94,1176,"2025-11-12T16:31:00.000Z","5.8","7.2",[140,141,142,118,143],"anti-spam","antispam","comments","spam","https:\u002F\u002Fakismet.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fakismet.5.6.zip",2,"2015-10-13 00:00:00",{"slug":149,"name":150,"version":151,"author":152,"author_profile":153,"description":154,"short_description":155,"active_installs":132,"downloaded":156,"rating":157,"num_ratings":158,"last_updated":159,"tested_up_to":114,"requires_at_least":160,"requires_php":138,"tags":161,"homepage":166,"download_link":167,"security_score":168,"vuln_count":169,"unpatched_count":27,"last_vuln_date":170,"fetched_at":29},"wpforms-lite","WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More","1.10.0.4","Syed Balkhi","https:\u002F\u002Fprofiles.wordpress.org\u002Fsmub\u002F","\u003Ch4>WordPress Contact Form Builder Plugin\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPForms\u003C\u002Fa> is a drag & drop WordPress form builder that’s EASY and POWERFUL. Create contact forms, feedback forms, subscription forms, payment forms (including Stripe, Square & PayPal), and other types of forms for your site in minutes with just a few clicks!\u003C\u002Fp>\n\u003Cp>At WPForms, user experience is our #1 priority. Our pre-built form templates and workflows make WPForms the most beginner-friendly contact form plugin on the market. You don’t have to hire a developer. Create a form in less than 5 minutes with our drag & drop form builder or use a template to get a head start.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>WPForms Pro\u003C\u002Fstrong>\u003Cbr \u002F>\n  This plugin is the Lite version of WPForms Pro, which comes with email subscription forms, multi-page contact forms, file uploads, conditional logic, and extra payment integrations. \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Click here to purchase the best premium WordPress contact form plugin now!\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"WPForms - the Best WordPress Contact Form Plugin\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F1180577946?dnt=1&app_id=122963\" width=\"750\" height=\"422\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\">\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch4>Drag & Drop Contact Form Builder\u003C\u002Fh4>\n\u003Cp>Create custom contact forms in minutes with our easy-to-use \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fdrag-drop-online-form-builder\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">drag and drop online form builder\u003C\u002Fa>. But don’t just take our word for it. See what WordPress experts are saying:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>WPForms is by far the \u003Cstrong>easiest form plugin to use\u003C\u002Fstrong>. My clients love WPForms and it’s one of the few plugins they can use without any training. As a developer I appreciate how fast, modern, clean and extensible it is.\u003Cbr \u002F>\n  Bill Erickson – Expert WordPress Consultant\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Pre-built Form Templates\u003C\u002Fh4>\n\u003Cp>WPForms comes with \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ftemplates\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">2100+ pre-built form templates\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Whether you’re looking to create a simple contact form, marketing form, request a quote form, donation form, payment order form, registration form, Stripe payment form, or a subscription form, we have a form template already prepared and ready to use.\u003C\u002Fp>\n\u003Ch4>Mobile Ready, SEO Friendly, and Optimized for Speed\u003C\u002Fh4>\n\u003Cp>WPForms contact forms are 100% responsive and mobile-friendly. We optimized every query on the frontend and the backend to ensure that it’s one of the fastest WordPress contact form plugins.\u003C\u002Fp>\n\u003Cp>You can embed your contact form on any page with an optimized title and description, so WPForms is one of the most SEO friendly contact form plugins too.\u003C\u002Fp>\n\u003Ch4>Fields & Features You Need to Succeed\u003C\u002Fh4>\n\u003Cp>With star ratings, file uploads, repeater fields, survey fields, and multi-page contact forms, you can easily build the right custom form for your site’s needs. Plus, integrate your contact forms with an email marketing service in just a few steps and collect payments with Stripe, PayPal, and Square for bookings and orders without the need for a dedicated eCommerce plugin.\u003C\u002Fp>\n\u003Cp>See what one business owner has to say about their WPForms contact form:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>As a business owner, time is my most valuable asset. WPForms allows me to create smart contact forms with just a few clicks. With their pre-built form templates and the drag & drop builder, I can create a new form that works in less than 2 minutes without writing a single line of code. Well worth the investment.\u003Cbr \u002F>\n  David Henzel – Co-founder of MaxCDN\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Surveys & Polls\u003C\u002Fh4>\n\u003Cp>Create custom survey forms like Survey Monkey. Our \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fsurveys-and-polls-addon?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WordPress survey plugin addon\u003C\u002Fa> comes with smart survey fields including Likert scale, star ratings, and NPS. Embed your surveys and polls anywhere in WordPress.\u003C\u002Fp>\n\u003Cp>Use our survey reporting tools to customize graphs, export them for presentations, and display aggregate results. You can also share poll results instantly when collecting votes.\u003C\u002Fp>\n\u003Ch4>Default WordPress Forms\u003C\u002Fh4>\n\u003Cp>Aside from building simple contact forms, WPForms also helps you create better default WordPress forms, like custom WordPress login forms and custom WordPress user registration forms. Create a password-protected contact form or even a members-only contact form.\u003C\u002Fp>\n\u003Cp>Bloggers and publishers can use our WordPress post submission forms to accept guest posts, testimonials, and more.\u003C\u002Fp>\n\u003Ch4>Payment Forms, Donation Forms, Booking Forms, and More\u003C\u002Fh4>\n\u003Cp>While WPForms started out as a contact form plugin, it has evolved into a powerful custom forms solution for any type of payment or booking form.\u003C\u002Fp>\n\u003Cp>WPForms integrates with PayPal, Stripe, Square Payments, and Authorize.Net so you can easily accept credit card payments or take payments via PayPal. Bonus: you can also take signatures.\u003C\u002Fp>\n\u003Cp>We’re proud to be a Stripe Verified Partner. This partnership allows us to build the best Stripe integration with early access to features. You can use our Stripe integration to accept both one-time payments as well as recurring payments while syncing all form data to your Stripe account.\u003C\u002Fp>\n\u003Ch4>Custom Calculator Forms\u003C\u002Fh4>\n\u003Cp>Using the \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fcalculations-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPForms Calculations addon\u003C\u002Fa>, you can build custom formulas and display results on the frontend.\u003C\u002Fp>\n\u003Cp>Create simple arithmetic calculations or build complex conditional calculations with rounded values, averages, time ranges, and more! It’s the best calculator plugin for WordPress.\u003C\u002Fp>\n\u003Ch4>Forms Optimized for Conversions\u003C\u002Fh4>\n\u003Cp>With our Form Pages addon, you can create distraction-free custom form landing pages to increase conversions.\u003C\u002Fp>\n\u003Cp>To improve form completion rates, we created Conversational Forms which helps you make your feedback forms feel more human by adding an interactive layout. (\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fconversational-forms-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">See Conversational Forms Demo\u003C\u002Fa>).\u003C\u002Fp>\n\u003Ch4>Easy to Customize and Extend\u003C\u002Fh4>\n\u003Cp>You can easily customize your contact forms with our section dividers, HTML blocks, and CSS. Embedding forms in Elementor and Divi has never been easier thanks to our native integrations.\u003C\u002Fp>\n\u003Cp>We also know that our developer friends may want more control, so we added tons of hooks and filters.\u003C\u002Fp>\n\u003Ch4>Full WPForms Feature List\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fdrag-drop-online-form-builder\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Online form builder\u003C\u002Fa> – powerful drag & drop contact form builder. Create WordPress contact forms, payment forms, and other online forms without writing any code.\u003C\u002Fli>\n\u003Cli>100% mobile responsive.\u003C\u002Fli>\n\u003Cli>GDPR friendly.\u003C\u002Fli>\n\u003Cli>Payment Forms – Take payments, donations, down payments, recurring payments, service payments with our Stripe (FREE) integration.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ftemplates\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Form templates\u003C\u002Fa> pre-built and ready to import.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fdocs\u002Fstyling-your-forms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Form styling\u003C\u002Fa> for fields, labels, and buttons.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fspam-protection\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Spam protection\u003C\u002Fa> built in, plus integrations with hCaptcha, Google reCAPTCHA, and Cloudflare Turnstile.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fwpforms-ai\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">AI Forms\u003C\u002Fa> to automatically create and refine forms through natural conversation.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Finstant-notifications\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Instant form notifications\u003C\u002Fa> via email.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fform-confirmation\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Custom form confirmations\u003C\u002Fa> with success messages or thank you pages.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Fdocs\u002Fhow-to-choose-the-right-form-field-for-your-forms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin#phone\" rel=\"nofollow ugc\">Smart phone field\u003C\u002Fa> that adapts to your visitor’s location.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fwpforms-ai\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">AI Choices\u003C\u002Fa> to automatically populate Multiple Choice, Checkboxes, and Dropdown field options.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fcoupons-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Coupons\u003C\u002Fa> for free shipping and sale discounts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fcalculations-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Calculator forms\u003C\u002Fa> for payment, shipping, billing, and more.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Ffile-uploads\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">File upload fields\u003C\u002Fa> for user submissions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fmulti-page-forms\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Multi-page forms\u003C\u002Fa> with progress bars.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fconditional-logic\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Smart conditional logic\u003C\u002Fa> to show or hide fields.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Frepeater-field\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Repeater field\u003C\u002Fa> that enables the person filling out the form to easily add another field or group of fields to fill out. Perfect for group registration forms, custom order forms, and more.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fdigital-signatures\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Signatures\u003C\u002Fa> for agreements or payment forms.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fuser-registration\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">User registration forms\u003C\u002Fa> and custom login forms.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fpost-submissions\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Post submission forms\u003C\u002Fa> to collect user-generated content.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fgeolocation-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Geolocation\u003C\u002Fa> to collect location data along with submissions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fsurveys-and-polls-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Surveys and Polls\u003C\u002Fa> with interactive reports.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fform-abandonment\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Form abandonment detection\u003C\u002Fa> to collect partial form submissions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fform-locker-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Form locker\u003C\u002Fa> to control access using passwords, dates, and more.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Foffline-forms-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Offline forms\u003C\u002Fa> to collect submissions without an internet connection.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fform-pages-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Form landing pages\u003C\u002Fa> to boost conversions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fconversational-forms-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Conversational forms\u003C\u002Fa> to boost overall completion rates.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Flead-forms-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Lead forms\u003C\u002Fa> to get more submissions with multi-step layouts.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fwebhooks-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Webhooks\u003C\u002Fa> to send data without third party connectors.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fuser-journey-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">User Journey reports\u003C\u002Fa> so you know which content is driving form conversions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fsave-and-resume-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Save and Resume\u003C\u002Fa> to let visitors save and come back later.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fentry-automation-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Entry Automation\u003C\u002Fa> to export and delete form entries on a daily, weekly, or monthly basis.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Integrations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fgoogle-sheets-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Google Sheets\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fzapier-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Zapier\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fpaypal-commerce\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">PayPal Commerce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fstripe-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Stripe\u003C\u002Fa> – We’re a Stripe Verified Partner for Payments.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fsquare-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Square\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fauthorize-net-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Authorize.Net\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fmailchimp-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Mailchimp\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Faweber-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">AWeber\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fcampaign-monitor-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Campaign Monitor\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fgetresponse-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">GetResponse\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fconstant-contact\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Constant Contact\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fairtable-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Airtable\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fnotion-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Notion\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fdrip-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Drip\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Factivecampaign-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">ActiveCampaign\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fhubspot-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">HubSpot\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fbrevo-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Brevo\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fmailerlite-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">MailerLite\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fmailpoet-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">MailPoet\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fconvertkit-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">ConvertKit\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fsalesforce-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Salesforce\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fslack-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Slack\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fdropbox-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Dropbox\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fgoogle-calendar-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Google Calendar\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fgoogle-drive-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Google Drive\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Ftwilio-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Twilio\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fpipedrive-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Pipedrive\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fmake-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Make\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fquiz-addon\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Quiz\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002Fzoho-crm-addon\u002F\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Zoho CRM\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>You can see why WPForms is the best WordPress contact form plugin on the market! Want to unlock these features? \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">Upgrade to our Pro version\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cp>This plugin is created by \u003Ca href=\"https:\u002F\u002Fsyedbalkhi.com\u002F\" rel=\"nofollow ugc\">Syed Balkhi\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Branding Guidelines\u003C\u002Fh4>\n\u003Cp>WPForms&reg; is a registered trademark of WPForms LLC. When writing about the contact form plugin by WPForms, please make sure to uppercase the initial 3 letters.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>WPForms (correct)\u003C\u002Fli>\n\u003Cli>WP Forms (incorrect)\u003C\u002Fli>\n\u003Cli>wpforms (incorrect)\u003C\u002Fli>\n\u003Cli>wpform (incorrect)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>WPForms is absolutely, positively the most \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">beginner-friendly WordPress contact form plugin\u003C\u002Fa> on the market. It is both easy and powerful.\u003C\u002Fp>\n\u003Cp>We took the pain out of creating online forms and made it easy. Check out all \u003Ca href=\"https:\u002F\u002Fwpforms.com\u002Ffeatures\u002F?utm_source=wprepo&utm_medium=link&utm_campaign=liteplugin\" rel=\"nofollow ugc\">WPForms features\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Also, I’m the founder of \u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002F\" rel=\"nofollow ugc\">WPBeginner\u003C\u002Fa>, the largest WordPress resource site for beginners. It was a huge priority for me to make a WordPress contact form plugin that beginners can use without any training.\u003C\u002Fp>\n\u003Cp>I feel that we have done that here. I hope you enjoy using WPForms.\u003C\u002Fp>\n\u003Cp>Thank you,\u003C\u002Fp>\n\u003Cp>Syed Balkhi\u003C\u002Fp>\n","The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.",325270392,96,14305,"2026-04-10T13:56:00.000Z","5.5",[118,162,163,164,165],"contact-form-plugin","custom-form","form-builder","forms","https:\u002F\u002Fwpforms.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpforms-lite.1.10.0.4.zip",88,16,"2026-03-31 00:00:00",{"attackSurface":172,"codeSignals":267,"taintFlows":524,"riskAssessment":867,"analyzedAt":887},{"hooks":173,"ajaxHandlers":262,"restRoutes":263,"shortcodes":264,"cronEvents":265,"entryPointCount":27,"unprotectedCount":27},[174,179,184,187,191,194,197,201,205,208,212,216,219,222,224,227,230,233,237,238,242,245,250,253,256,259],{"type":175,"name":176,"callback":177,"file":178,"line":52},"action","activate_filled-in\u002Ffilled_in.php","activate","controller\\admin.php",{"type":180,"name":181,"callback":182,"file":178,"line":183},"filter","admin_menu","anonymous",23,{"type":175,"name":185,"callback":182,"file":178,"line":186},"wp_print_scripts",24,{"type":175,"name":188,"callback":189,"file":178,"line":190},"admin_head","wp_print_styles",25,{"type":175,"name":192,"callback":189,"file":178,"line":193},"admin_print_styles",26,{"type":175,"name":195,"callback":182,"file":178,"line":196},"admin_footer",27,{"type":180,"name":198,"callback":198,"priority":199,"file":178,"line":200},"contextual_help",10,28,{"type":175,"name":202,"callback":203,"file":178,"line":204},"admin_init","check_after_update",33,{"type":180,"name":206,"callback":182,"file":178,"line":207},"audit_collect",38,{"type":175,"name":209,"callback":210,"file":211,"line":186},"filled_in_cron_delete_failed_sumbmitions_event","filled_in_cron_delete_failed_sumbmitions","controller\\cron.php",{"type":175,"name":213,"callback":214,"file":215,"line":193},"wp_loaded","grab_post_data","controller\\front.php",{"type":175,"name":217,"callback":218,"file":215,"line":200},"template_redirect","handle_ajax",{"type":175,"name":217,"callback":220,"priority":146,"file":215,"line":221},"pre_load",32,{"type":180,"name":223,"callback":223,"file":215,"line":204},"the_content",{"type":180,"name":225,"callback":223,"file":215,"line":226},"the_excerpt",34,{"type":180,"name":228,"callback":223,"file":215,"line":229},"widget_text",35,{"type":180,"name":231,"callback":182,"file":215,"line":232},"the_filled_in_form",36,{"type":180,"name":223,"callback":234,"priority":235,"file":215,"line":236},"form_clean",15,37,{"type":180,"name":225,"callback":234,"priority":235,"file":215,"line":207},{"type":180,"name":239,"callback":240,"file":215,"line":241},"spu\u002Fpopup\u002Fcontent","popups_support",40,{"type":175,"name":243,"callback":182,"file":215,"line":244},"wp_head",95,{"type":175,"name":246,"callback":247,"file":248,"line":249},"init","load_locale","plugin.php",140,{"type":175,"name":181,"callback":251,"file":248,"line":252},"compatibility_27",144,{"type":175,"name":181,"callback":254,"file":248,"line":255},"compatibility_26",147,{"type":175,"name":181,"callback":257,"file":248,"line":258},"compatibility_25",150,{"type":175,"name":260,"callback":182,"file":248,"line":261},"dbx_post_advanced",232,[],[],[],[266],{"hook":209,"callback":209,"file":211,"line":221},{"dangerousFunctions":268,"sqlUsage":384,"outputEscaping":498,"fileOperations":199,"externalRequests":27,"nonceChecks":522,"capabilityChecks":241,"bundledLibraries":523},[269,273,276,280,282,284,287,289,291,293,297,300,301,303,306,308,310,314,316,318,322,324,327,329,332,335,338,341,343,346,349,352,355,356,359,361,362,364,367,371,374,375,377,380,383],{"fn":270,"file":215,"line":271,"context":272},"assert",352,"assert (is_a ($form, 'FI_Form'));",{"fn":270,"file":215,"line":274,"context":275},353,"assert (is_string ($text));",{"fn":270,"file":277,"line":278,"context":279},"extensions\\post\\email-wp.php",130,"assert (is_a ($source, 'FI_Data'));",{"fn":270,"file":277,"line":281,"context":279},187,{"fn":270,"file":277,"line":283,"context":279},215,{"fn":270,"file":285,"line":286,"context":279},"extensions\\post\\email.php",154,{"fn":270,"file":285,"line":288,"context":279},189,{"fn":270,"file":285,"line":290,"context":279},221,{"fn":270,"file":292,"line":56,"context":279},"extensions\\result\\display_message.php",{"fn":270,"file":294,"line":295,"context":296},"models\\data\\source_cookies.php",9,"assert (is_array ($config));",{"fn":298,"file":294,"line":11,"context":299},"unserialize","$this->data = unserialize ($data->cookie);",{"fn":270,"file":294,"line":204,"context":275},{"fn":270,"file":294,"line":226,"context":302},"assert (is_bool ($encode));",{"fn":298,"file":304,"line":229,"context":305},"models\\data\\source_files.php","$this->data = unserialize ($data->upload);",{"fn":270,"file":304,"line":307,"context":275},91,{"fn":270,"file":304,"line":122,"context":309},"assert (is_a ($errors, 'FI_Errors'));",{"fn":298,"file":311,"line":312,"context":313},"models\\data\\source_post.php",42,"$this->data = @unserialize ($data->data);",{"fn":270,"file":311,"line":315,"context":275},118,{"fn":270,"file":311,"line":317,"context":302},119,{"fn":270,"file":319,"line":320,"context":321},"models\\data.php",61,"assert ('intval ($formid) > 0');",{"fn":270,"file":319,"line":323,"context":309},126,{"fn":270,"file":319,"line":325,"context":326},135,"assert (is_a ($pager, 'FI_Pager'));",{"fn":270,"file":319,"line":328,"context":326},169,{"fn":270,"file":330,"line":295,"context":331},"models\\email_attachment.php","assert ('strlen ($template) > 0');",{"fn":298,"file":333,"line":52,"context":334},"models\\errors.php","$this->message = unserialize ($this->message);",{"fn":270,"file":333,"line":336,"context":337},45,"assert ('intval ($form_id) > 0');",{"fn":270,"file":333,"line":339,"context":340},46,"assert ('intval ($data_id) > 0');",{"fn":270,"file":333,"line":168,"context":342},"assert (is_array ($extensions));",{"fn":270,"file":344,"line":190,"context":345},"models\\extensions\\filter.php","assert (is_a ($config, 'FI_Data_POST'));",{"fn":270,"file":344,"line":347,"context":348},31,"assert (is_a ($data, 'FI_Data'));",{"fn":270,"file":350,"line":186,"context":351},"models\\extensions.php","assert (is_array ($values));",{"fn":298,"file":350,"line":353,"context":354},30,"$this->config = unserialize ($this->config);",{"fn":270,"file":350,"line":229,"context":321},{"fn":270,"file":350,"line":357,"context":358},58,"assert ('intval ($id) > 0');",{"fn":270,"file":350,"line":360,"context":345},75,{"fn":270,"file":350,"line":25,"context":321},{"fn":270,"file":350,"line":69,"context":363},"assert (is_string ($type));",{"fn":270,"file":350,"line":365,"context":366},162,"assert (is_array ($order));",{"fn":270,"file":368,"line":369,"context":370},"models\\file_upload.php",48,"assert (is_string ($dest));",{"fn":298,"file":372,"line":196,"context":373},"models\\form.php","$this->options = unserialize ($this->options);",{"fn":270,"file":372,"line":226,"context":326},{"fn":270,"file":372,"line":323,"context":376},"assert (is_string ($newname));",{"fn":270,"file":372,"line":378,"context":379},127,"assert (is_string ($quick));",{"fn":270,"file":381,"line":54,"context":382},"models\\form_replacer.php","assert (is_array ($matches));",{"fn":270,"file":381,"line":315,"context":382},{"prepared":385,"raw":386,"locations":387},56,59,[388,391,393,395,396,398,400,402,404,407,409,411,413,415,417,419,420,421,423,425,426,428,430,432,434,436,438,440,442,444,446,448,450,452,454,456,458,460,463,464,467,468,470,472,474,475,476,478,480,481,482,484,487,489,491,492,493,494,496],{"file":178,"line":389,"context":390},151,"$wpdb->query() with variable interpolation",{"file":178,"line":392,"context":390},152,{"file":178,"line":394,"context":390},153,{"file":178,"line":286,"context":390},{"file":178,"line":397,"context":390},155,{"file":178,"line":399,"context":390},156,{"file":178,"line":401,"context":390},158,{"file":178,"line":403,"context":390},167,{"file":178,"line":405,"context":406},180,"$wpdb->get_results() with variable interpolation",{"file":178,"line":408,"context":390},184,{"file":178,"line":410,"context":406},188,{"file":178,"line":412,"context":390},192,{"file":178,"line":414,"context":406},195,{"file":178,"line":416,"context":390},199,{"file":178,"line":418,"context":406},203,{"file":178,"line":283,"context":390},{"file":178,"line":290,"context":406},{"file":178,"line":422,"context":390},226,{"file":178,"line":424,"context":390},231,{"file":178,"line":261,"context":390},{"file":178,"line":427,"context":390},233,{"file":178,"line":429,"context":390},234,{"file":178,"line":431,"context":390},235,{"file":178,"line":433,"context":390},236,{"file":178,"line":435,"context":390},238,{"file":178,"line":437,"context":390},239,{"file":178,"line":439,"context":390},244,{"file":178,"line":441,"context":390},245,{"file":178,"line":443,"context":390},246,{"file":178,"line":445,"context":390},249,{"file":178,"line":447,"context":390},250,{"file":178,"line":449,"context":390},600,{"file":178,"line":451,"context":390},601,{"file":178,"line":453,"context":390},602,{"file":178,"line":455,"context":390},603,{"file":178,"line":457,"context":390},604,{"file":459,"line":235,"context":390},"custom_scripts\\filled_in_cleaner.php",{"file":461,"line":353,"context":462},"extensions\\post\\redmine.php","$wpdb->get_var() with variable interpolation",{"file":461,"line":204,"context":390},{"file":465,"line":226,"context":466},"models\\data\\source_server.php","$wpdb->get_row() with variable interpolation",{"file":465,"line":236,"context":390},{"file":319,"line":469,"context":390},65,{"file":319,"line":471,"context":466},109,{"file":319,"line":473,"context":390},120,{"file":319,"line":394,"context":462},{"file":319,"line":399,"context":406},{"file":319,"line":477,"context":462},173,{"file":319,"line":479,"context":406},176,{"file":333,"line":347,"context":466},{"file":333,"line":241,"context":390},{"file":333,"line":483,"context":390},54,{"file":333,"line":485,"context":486},57,"$wpdb->get_col() with variable interpolation",{"file":333,"line":488,"context":390},62,{"file":333,"line":490,"context":390},63,{"file":350,"line":241,"context":406},{"file":350,"line":320,"context":466},{"file":350,"line":47,"context":390},{"file":495,"line":469,"context":462},"models\\stats.php",{"file":495,"line":497,"context":466},71,{"escaped":499,"rawEcho":199,"locations":500},843,[501,503,505,507,510,511,513,515,517,519],{"file":215,"line":399,"context":502},"raw output",{"file":215,"line":504,"context":502},174,{"file":215,"line":506,"context":502},197,{"file":508,"line":509,"context":502},"view\\admin\\form\\form_replace.php",22,{"file":508,"line":193,"context":502},{"file":508,"line":512,"context":502},29,{"file":514,"line":146,"context":502},"view\\admin\\form\\form_replace_ajax.php",{"file":514,"line":516,"context":502},6,{"file":518,"line":52,"context":502},"view\\admin\\form\\list_entry.php",{"file":520,"line":521,"context":502},"view\\admin\\stat\\stat_details.php",69,18,[],[525,562,573,584,609,666,677,687,697,706,716,735,744,753,766,778,786,811],{"entryPoint":526,"graph":527,"unsanitizedCount":26,"severity":40},"edit_report (controller\\admin.php:336)",{"nodes":528,"edges":556},[529,534,538,544,548,551],{"id":530,"type":531,"label":532,"file":178,"line":533},"n0","source","$_POST['new_name']",341,{"id":535,"type":536,"label":537,"file":178,"line":533},"n1","transform","→ update_details()",{"id":539,"type":540,"label":541,"file":372,"line":542,"wp_function":543},"n2","sink","query() [SQLi]",145,"query",{"id":545,"type":531,"label":546,"file":178,"line":547},"n3","$_POST",345,{"id":549,"type":536,"label":550,"file":178,"line":547},"n4","→ render_error()",{"id":552,"type":540,"label":553,"file":248,"line":554,"wp_function":555},"n5","echo() [XSS]",395,"echo",[557,558,560,561],{"from":530,"to":535,"sanitized":49},{"from":535,"to":539,"sanitized":559},true,{"from":545,"to":549,"sanitized":49},{"from":549,"to":552,"sanitized":49},{"entryPoint":563,"graph":564,"unsanitizedCount":26,"severity":40},"display_report (controller\\admin.php:351)",{"nodes":565,"edges":570},[566,568,569],{"id":530,"type":531,"label":546,"file":178,"line":567},361,{"id":535,"type":536,"label":550,"file":178,"line":567},{"id":539,"type":540,"label":553,"file":248,"line":554,"wp_function":555},[571,572],{"from":530,"to":535,"sanitized":49},{"from":535,"to":539,"sanitized":49},{"entryPoint":574,"graph":575,"unsanitizedCount":26,"severity":40},"display_form_list (controller\\admin.php:483)",{"nodes":576,"edges":581},[577,579,580],{"id":530,"type":531,"label":546,"file":178,"line":578},491,{"id":535,"type":536,"label":550,"file":178,"line":578},{"id":539,"type":540,"label":553,"file":248,"line":554,"wp_function":555},[582,583],{"from":530,"to":535,"sanitized":49},{"from":535,"to":539,"sanitized":49},{"entryPoint":585,"graph":586,"unsanitizedCount":26,"severity":40},"\u003Cattachment> (controller\\attachment.php:0)",{"nodes":587,"edges":604},[588,592,593,595,596,598,600],{"id":530,"type":531,"label":589,"file":590,"line":591},"$_SERVER['REQUEST_URI']","controller\\attachment.php",49,{"id":535,"type":540,"label":553,"file":590,"line":591,"wp_function":555},{"id":539,"type":531,"label":594,"file":590,"line":123},"$_GET (x2)",{"id":545,"type":540,"label":553,"file":590,"line":490,"wp_function":555},{"id":549,"type":531,"label":597,"file":590,"line":353},"$_GET",{"id":552,"type":536,"label":599,"file":590,"line":353},"→ download()",{"id":601,"type":540,"label":602,"file":330,"line":485,"wp_function":603},"n6","header() [Header Injection]","header",[605,606,607,608],{"from":530,"to":535,"sanitized":559},{"from":539,"to":545,"sanitized":559},{"from":549,"to":552,"sanitized":49},{"from":552,"to":601,"sanitized":49},{"entryPoint":610,"graph":611,"unsanitizedCount":27,"severity":665},"display_options (controller\\admin.php:452)",{"nodes":612,"edges":656},[613,616,619,622,623,626,627,630,632,636,638,642,644,648,650,654],{"id":530,"type":531,"label":614,"file":178,"line":615},"$_POST['smtp_host']",461,{"id":535,"type":540,"label":617,"file":178,"line":615,"wp_function":618},"update_option() [Settings Manipulation]","update_option",{"id":539,"type":531,"label":620,"file":178,"line":621},"$_POST['smtp_port']",462,{"id":545,"type":540,"label":617,"file":178,"line":621,"wp_function":618},{"id":549,"type":531,"label":624,"file":178,"line":625},"$_POST['smtp_ssl']",463,{"id":552,"type":540,"label":617,"file":178,"line":625,"wp_function":618},{"id":601,"type":531,"label":628,"file":178,"line":629},"$_POST['smtp_username']",464,{"id":631,"type":540,"label":617,"file":178,"line":629,"wp_function":618},"n7",{"id":633,"type":531,"label":634,"file":178,"line":635},"n8","$_POST['smtp_password']",465,{"id":637,"type":540,"label":617,"file":178,"line":635,"wp_function":618},"n9",{"id":639,"type":531,"label":640,"file":178,"line":641},"n10","$_POST['attachments']",466,{"id":643,"type":540,"label":617,"file":178,"line":641,"wp_function":618},"n11",{"id":645,"type":531,"label":646,"file":178,"line":647},"n12","$_POST['uploads']",467,{"id":649,"type":540,"label":617,"file":178,"line":647,"wp_function":618},"n13",{"id":651,"type":531,"label":652,"file":178,"line":653},"n14","$_POST['cookies']",468,{"id":655,"type":540,"label":617,"file":178,"line":653,"wp_function":618},"n15",[657,658,659,660,661,662,663,664],{"from":530,"to":535,"sanitized":559},{"from":539,"to":545,"sanitized":559},{"from":549,"to":552,"sanitized":559},{"from":601,"to":631,"sanitized":559},{"from":633,"to":637,"sanitized":559},{"from":639,"to":643,"sanitized":559},{"from":645,"to":649,"sanitized":559},{"from":651,"to":655,"sanitized":559},"low",{"entryPoint":667,"graph":668,"unsanitizedCount":27,"severity":665},"\u003Ctemplates> (view\\admin\\email\\templates.php:0)",{"nodes":669,"edges":675},[670,674],{"id":530,"type":531,"label":671,"file":672,"line":673},"$_SERVER['REQUEST_URI'] (x2)","view\\admin\\email\\templates.php",12,{"id":535,"type":540,"label":553,"file":672,"line":673,"wp_function":555},[676],{"from":530,"to":535,"sanitized":559},{"entryPoint":678,"graph":679,"unsanitizedCount":27,"severity":665},"\u003Ccurrent> (view\\admin\\extension\\current.php:0)",{"nodes":680,"edges":685},[681,684],{"id":530,"type":531,"label":589,"file":682,"line":683},"view\\admin\\extension\\current.php",14,{"id":535,"type":540,"label":553,"file":682,"line":683,"wp_function":555},[686],{"from":530,"to":535,"sanitized":559},{"entryPoint":688,"graph":689,"unsanitizedCount":27,"severity":665},"\u003Cedit> (view\\admin\\form\\edit.php:0)",{"nodes":690,"edges":695},[691,694],{"id":530,"type":531,"label":671,"file":692,"line":693},"view\\admin\\form\\edit.php",4,{"id":535,"type":540,"label":553,"file":692,"line":693,"wp_function":555},[696],{"from":530,"to":535,"sanitized":559},{"entryPoint":698,"graph":699,"unsanitizedCount":27,"severity":665},"\u003Clist> (view\\admin\\form\\list.php:0)",{"nodes":700,"edges":704},[701,703],{"id":530,"type":531,"label":671,"file":702,"line":232},"view\\admin\\form\\list.php",{"id":535,"type":540,"label":553,"file":702,"line":232,"wp_function":555},[705],{"from":530,"to":535,"sanitized":559},{"entryPoint":707,"graph":708,"unsanitizedCount":27,"severity":665},"\u003Coptions> (view\\admin\\options.php:0)",{"nodes":709,"edges":714},[710,713],{"id":530,"type":531,"label":671,"file":711,"line":712},"view\\admin\\options.php",11,{"id":535,"type":540,"label":553,"file":711,"line":712,"wp_function":555},[715],{"from":530,"to":535,"sanitized":559},{"entryPoint":717,"graph":718,"unsanitizedCount":27,"severity":665},"\u003Cpager_top> (view\\admin\\pager_top.php:0)",{"nodes":719,"edges":731},[720,723,724,726,727,730],{"id":530,"type":531,"label":721,"file":722,"line":516},"$_GET['total']","view\\admin\\pager_top.php",{"id":535,"type":540,"label":553,"file":722,"line":516,"wp_function":555},{"id":539,"type":531,"label":725,"file":722,"line":123},"$_GET['errors']",{"id":545,"type":540,"label":553,"file":722,"line":123,"wp_function":555},{"id":549,"type":531,"label":728,"file":722,"line":729},"$_GET['search']",13,{"id":552,"type":540,"label":553,"file":722,"line":729,"wp_function":555},[732,733,734],{"from":530,"to":535,"sanitized":559},{"from":539,"to":545,"sanitized":559},{"from":549,"to":552,"sanitized":559},{"entryPoint":736,"graph":737,"unsanitizedCount":27,"severity":665},"\u003Cedit> (view\\admin\\report\\edit.php:0)",{"nodes":738,"edges":742},[739,741],{"id":530,"type":531,"label":589,"file":740,"line":516},"view\\admin\\report\\edit.php",{"id":535,"type":540,"label":553,"file":740,"line":516,"wp_function":555},[743],{"from":530,"to":535,"sanitized":559},{"entryPoint":745,"graph":746,"unsanitizedCount":27,"severity":665},"\u003Creport> (view\\admin\\report\\report.php:0)",{"nodes":747,"edges":751},[748,750],{"id":530,"type":531,"label":671,"file":749,"line":729},"view\\admin\\report\\report.php",{"id":535,"type":540,"label":553,"file":749,"line":729,"wp_function":555},[752],{"from":530,"to":535,"sanitized":559},{"entryPoint":754,"graph":755,"unsanitizedCount":27,"severity":665},"\u003Cstatistics> (view\\admin\\stat\\statistics.php:0)",{"nodes":756,"edges":763},[757,759,760,762],{"id":530,"type":531,"label":671,"file":758,"line":729},"view\\admin\\stat\\statistics.php",{"id":535,"type":540,"label":553,"file":758,"line":729,"wp_function":555},{"id":539,"type":531,"label":728,"file":758,"line":761},21,{"id":545,"type":540,"label":553,"file":758,"line":761,"wp_function":555},[764,765],{"from":530,"to":535,"sanitized":559},{"from":539,"to":545,"sanitized":559},{"entryPoint":767,"graph":768,"unsanitizedCount":26,"severity":777},"save (models\\errors.php:43)",{"nodes":769,"edges":775},[770,772],{"id":530,"type":531,"label":771,"file":333,"line":485},"$_SERVER['REMOTE_ADDR']",{"id":535,"type":540,"label":773,"file":333,"line":485,"wp_function":774},"get_col() [SQLi]","get_col",[776],{"from":530,"to":535,"sanitized":49},"high",{"entryPoint":779,"graph":780,"unsanitizedCount":26,"severity":777},"\u003Cerrors> (models\\errors.php:0)",{"nodes":781,"edges":784},[782,783],{"id":530,"type":531,"label":771,"file":333,"line":485},{"id":535,"type":540,"label":773,"file":333,"line":485,"wp_function":774},[785],{"from":530,"to":535,"sanitized":49},{"entryPoint":787,"graph":788,"unsanitizedCount":146,"severity":810},"display_edit_page (controller\\admin.php:519)",{"nodes":789,"edges":803},[790,792,793,794,796,797,799,801,802],{"id":530,"type":531,"label":532,"file":178,"line":791},534,{"id":535,"type":536,"label":537,"file":178,"line":791},{"id":539,"type":540,"label":541,"file":372,"line":542,"wp_function":543},{"id":545,"type":531,"label":795,"file":178,"line":791},"$_POST['quickview']",{"id":549,"type":536,"label":537,"file":178,"line":791},{"id":552,"type":540,"label":798,"file":372,"line":378,"wp_function":270},"assert() [RCE]",{"id":601,"type":531,"label":546,"file":178,"line":800},551,{"id":631,"type":536,"label":550,"file":178,"line":800},{"id":633,"type":540,"label":553,"file":248,"line":554,"wp_function":555},[804,805,806,807,808,809],{"from":530,"to":535,"sanitized":49},{"from":535,"to":539,"sanitized":559},{"from":545,"to":549,"sanitized":49},{"from":549,"to":552,"sanitized":49},{"from":601,"to":631,"sanitized":49},{"from":631,"to":633,"sanitized":49},"critical",{"entryPoint":812,"graph":813,"unsanitizedCount":866,"severity":810},"\u003Cadmin> (controller\\admin.php:0)",{"nodes":814,"edges":851},[815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,834,836,838,841,843,845,847,849],{"id":530,"type":531,"label":614,"file":178,"line":615},{"id":535,"type":540,"label":617,"file":178,"line":615,"wp_function":618},{"id":539,"type":531,"label":620,"file":178,"line":621},{"id":545,"type":540,"label":617,"file":178,"line":621,"wp_function":618},{"id":549,"type":531,"label":624,"file":178,"line":625},{"id":552,"type":540,"label":617,"file":178,"line":625,"wp_function":618},{"id":601,"type":531,"label":628,"file":178,"line":629},{"id":631,"type":540,"label":617,"file":178,"line":629,"wp_function":618},{"id":633,"type":531,"label":634,"file":178,"line":635},{"id":637,"type":540,"label":617,"file":178,"line":635,"wp_function":618},{"id":639,"type":531,"label":640,"file":178,"line":641},{"id":643,"type":540,"label":617,"file":178,"line":641,"wp_function":618},{"id":645,"type":531,"label":646,"file":178,"line":647},{"id":649,"type":540,"label":617,"file":178,"line":647,"wp_function":618},{"id":651,"type":531,"label":652,"file":178,"line":653},{"id":655,"type":540,"label":617,"file":178,"line":653,"wp_function":618},{"id":832,"type":531,"label":833,"file":178,"line":533},"n16","$_POST['new_name'] (x2)",{"id":835,"type":536,"label":537,"file":178,"line":533},"n17",{"id":837,"type":540,"label":541,"file":372,"line":542,"wp_function":543},"n18",{"id":839,"type":531,"label":840,"file":178,"line":547},"n19","$_POST (x4)",{"id":842,"type":536,"label":550,"file":178,"line":547},"n20",{"id":844,"type":540,"label":553,"file":248,"line":554,"wp_function":555},"n21",{"id":846,"type":531,"label":795,"file":178,"line":791},"n22",{"id":848,"type":536,"label":537,"file":178,"line":791},"n23",{"id":850,"type":540,"label":798,"file":372,"line":378,"wp_function":270},"n24",[852,853,854,855,856,857,858,859,860,861,862,863,864,865],{"from":530,"to":535,"sanitized":559},{"from":539,"to":545,"sanitized":559},{"from":549,"to":552,"sanitized":559},{"from":601,"to":631,"sanitized":559},{"from":633,"to":637,"sanitized":559},{"from":639,"to":643,"sanitized":559},{"from":645,"to":649,"sanitized":559},{"from":651,"to":655,"sanitized":559},{"from":832,"to":835,"sanitized":49},{"from":835,"to":837,"sanitized":559},{"from":839,"to":842,"sanitized":49},{"from":842,"to":844,"sanitized":49},{"from":846,"to":848,"sanitized":49},{"from":848,"to":850,"sanitized":49},5,{"summary":868,"deductions":869},"The plugin \"filled-in\" v1.9.6 exhibits a mixed security posture. On the positive side, it demonstrates a strong adherence to output escaping best practices with 99% of outputs properly escaped and a good number of nonce and capability checks. The absence of external HTTP requests and bundled libraries further mitigates certain risk vectors. However, significant concerns arise from the static analysis. The presence of 45 dangerous functions, including 'assert' and 'unserialize', signals potential for serious vulnerabilities if not handled with extreme care. Furthermore, the taint analysis reveals 8 flows with unsanitized paths, two of which are critical and two are high severity, indicating a clear risk of data injection or manipulation.  While there are no currently unpatched CVEs, the historical medium severity CSRF vulnerability, though past, suggests a potential weakness in handling user-initiated actions securely. The plugin's strengths lie in its output sanitization and authentication checks, but the identified dangerous functions and tainted flows represent critical areas requiring immediate attention and remediation.",[870,872,874,876,878,881,883,885],{"reason":871,"points":235},"Critical severity taint flows found",{"reason":873,"points":673},"High severity taint flows found",{"reason":875,"points":199},"High number of dangerous functions present",{"reason":877,"points":123},"Significant percentage of SQL queries not using prepared statements",{"reason":879,"points":880},"Flows with unsanitized paths",7,{"reason":882,"points":866},"Presence of unserialize function",{"reason":884,"points":866},"Presence of assert function",{"reason":886,"points":866},"Past medium severity vulnerability (CSRF)","2026-03-16T22:51:39.675Z",{"wat":889,"direct":897},{"assetPaths":890,"generatorPatterns":893,"scriptPaths":894,"versionParams":895},[891,892],"\u002Fwp-content\u002Fplugins\u002Ffilled-in\u002Fcontroller\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Ffilled-in\u002Fcontroller\u002Fadmin.js",[],[892],[896],"filled-in\u002Fcontroller\u002Fadmin.js?ver=",{"cssClasses":898,"htmlComments":900,"htmlAttributes":901,"restEndpoints":903,"jsGlobals":905,"shortcodeOutput":907},[899],"filled-in-form",[],[902],"data-filled-in-id",[904],"\u002Fwp-json\u002Ffilled-in\u002Fv1\u002Fforms",[906],"filled_in",[908,909,910],"\u003Cform class=\"filled-in-form\" id=\"fi-form-","\u003Cinput type=\"hidden\" name=\"fi_nonce\" value=\"","\u003Cinput type=\"hidden\" name=\"fi_id\" value=\"",{"error":559,"url":912,"statusCode":913,"statusMessage":914,"message":914},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Ffilled-in\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":866,"versions":916},[917,925,933,941,949],{"version":918,"download_url":919,"svn_tag_url":920,"released_at":37,"has_diff":49,"diff_files_changed":921,"diff_lines":37,"trac_diff_url":922,"vulnerabilities":923,"is_current":49},"1.8.23","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.1.8.23.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffilled-in\u002Ftags\u002F1.8.23\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ffilled-in%2Ftags%2F1.8.15&new_path=%2Ffilled-in%2Ftags%2F1.8.23",[924],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":926,"download_url":927,"svn_tag_url":928,"released_at":37,"has_diff":49,"diff_files_changed":929,"diff_lines":37,"trac_diff_url":930,"vulnerabilities":931,"is_current":49},"1.8.15","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.1.8.15.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffilled-in\u002Ftags\u002F1.8.15\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ffilled-in%2Ftags%2F1.7.7&new_path=%2Ffilled-in%2Ftags%2F1.8.15",[932],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":934,"download_url":935,"svn_tag_url":936,"released_at":37,"has_diff":49,"diff_files_changed":937,"diff_lines":37,"trac_diff_url":938,"vulnerabilities":939,"is_current":49},"1.7.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.1.7.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffilled-in\u002Ftags\u002F1.7.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ffilled-in%2Ftags%2F1.7.6&new_path=%2Ffilled-in%2Ftags%2F1.7.7",[940],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":942,"download_url":943,"svn_tag_url":944,"released_at":37,"has_diff":49,"diff_files_changed":945,"diff_lines":37,"trac_diff_url":946,"vulnerabilities":947,"is_current":49},"1.7.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.1.7.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffilled-in\u002Ftags\u002F1.7.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Ffilled-in%2Ftags%2F1.7.5&new_path=%2Ffilled-in%2Ftags%2F1.7.6",[948],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39},{"version":950,"download_url":951,"svn_tag_url":952,"released_at":37,"has_diff":49,"diff_files_changed":953,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":954,"is_current":49},"1.7.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffilled-in.1.7.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Ffilled-in\u002Ftags\u002F1.7.5\u002F",[],[955],{"id":33,"url_slug":34,"title":35,"severity":40,"cvss_score":41,"vuln_type":43,"patched_in_version":39}]