[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fkpSZetM_lpFaBHaParPTbJYbQ6NnWxhF1EiQQUj1i2w":3,"$fWzsznr44JmKCHjaqyrJ5eXhgSrBlAp-0E-YlvY6cqf4":300,"$fSRfDzYb7TZFV-bTUx1DnPyv5pUaO5trToz-VDHYVsLA":304},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"discovery_status":31,"vulnerabilities":32,"developer":33,"crawl_stats":29,"alternatives":40,"analysis":144,"fingerprints":282},"gna-contact-form-7-sms","GNA Contact Form 7 SMS","1.0.5","Chris Mok","https:\u002F\u002Fprofiles.wordpress.org\u002Fchris_dev\u002F","\u003Cp>Send SMS from your existing Contact Form 7 plugin using SMS Global.\u003C\u002Fp>\n\u003Cp>You need to have SMS Global account(http:\u002F\u002Fwww.smsglobal.com) and some credit to use this plugin.\u003C\u002Fp>\n\u003Ch4>NEED HELP?\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwebgna.com\u002F\" rel=\"nofollow ugc\">FAQs\u003C\u002Fa>\u003C\u002Fstrong> | \u003Cstrong>\u003Ca href=\"http:\u002F\u002Fwebgna.com\u002F\" rel=\"nofollow ugc\">Tech Support\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch3>Languages Available\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>English\u003C\u002Fli>\n\u003C\u002Ful>\n","Send SMS from your existing Contact Form 7 plugin using SMS Global.",10,2080,100,1,"2016-09-05T04:09:00.000Z","4.7.33","3.9","",[20,21,22,23,24],"addon","contact-form-7","gna","sending-sms","sms","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fgna-contact-form-7-sms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.5.zip",85,0,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":34,"display_name":7,"profile_url":8,"plugin_count":35,"total_installs":36,"avg_security_score":27,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"chris_dev",15,300,30,84,"2026-05-20T02:22:03.562Z",[41,64,88,108,127],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":13,"num_ratings":51,"last_updated":52,"tested_up_to":53,"requires_at_least":54,"requires_php":55,"tags":56,"homepage":18,"download_link":61,"security_score":62,"vuln_count":14,"unpatched_count":28,"last_vuln_date":63,"fetched_at":30},"ds-cf7-math-captcha","DS CF7 Math Captcha","3.1.0","dotsquares","https:\u002F\u002Fprofiles.wordpress.org\u002Fdotsvijay\u002F","\u003Ch3>Form Stop Spam Emails – A permanent solution to stop spam emails\u003C\u002Fh3>\n\u003Cp>“DS CF7 Math Captcha” plugin gives functionality of prevent unwanted spam to your contact form 7. Contact Form 7 plugin is most widely used by many users so this plugin helps to prevent unwanted spam from website that has been created by Contact Form 7 plugin. This plugin is very much effective to stop form spam for Contact Form 7 plugin.\u003C\u002Fp>\n\u003Ch4>The plugin has been tested with the latest version (6.1) of Contact Form 7\u003C\u002Fh4>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Math Captcha\u003C\u002Fli>\n\u003Cli>Refresh Math Captcha\u003C\u002Fli>\n\u003Cli>Available Translations – English (US), French, Hindi, Spanish and German\u003C\u002Fli>\n\u003C\u002Ful>\n","\"DS CF7 Math Captcha\" is a math captcha with refresh captcha functionality to prevent unwanted spam for your contact form 7 plugin.",30000,72904,8,"2026-02-19T10:26:00.000Z","6.9.4","6.5","7.4",[57,21,58,59,60],"captcha","contact-form-7-addon","contact-form-7-captcha","math-captcha","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fds-cf7-math-captcha.3.1.0.zip",99,"2024-09-05 00:00:00",{"slug":65,"name":66,"version":67,"author":68,"author_profile":69,"description":70,"short_description":71,"active_installs":72,"downloaded":73,"rating":74,"num_ratings":75,"last_updated":76,"tested_up_to":77,"requires_at_least":78,"requires_php":18,"tags":79,"homepage":84,"download_link":85,"security_score":62,"vuln_count":86,"unpatched_count":28,"last_vuln_date":87,"fetched_at":30},"awesome-contact-form7-for-elementor","Awesome Contact Form7 for Elementor","3.2","B.M. Rafiul Alam","https:\u002F\u002Fprofiles.wordpress.org\u002Frafiul17\u002F","\u003Cp>Adds Awesome Contact Form7 for Elementor that are specifically designed to be used in conjunction with the Elementor Page Builder and Contact form7.\u003C\u002Fp>\n\u003Cp>Video tutorial link:\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002F47vsPWSUXPY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Cp>Make a cool contact form in 5 minutes with  Awesome Contact Form7 for Elementor\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fs9YWe3j47n4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Add Awesome Contact Form7 for Elementor with easy way.",7000,126606,88,23,"2025-12-29T04:07:00.000Z","6.8.5","6.3",[80,81,82,21,83],"addons","contact","contact-form","elementor","https:\u002F\u002Fwordpress.org\u002Fplugins\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fawesome-contact-form7-for-elementor.zip",2,"2024-10-15 00:00:00",{"slug":89,"name":90,"version":91,"author":92,"author_profile":93,"description":94,"short_description":95,"active_installs":96,"downloaded":97,"rating":98,"num_ratings":99,"last_updated":100,"tested_up_to":53,"requires_at_least":18,"requires_php":101,"tags":102,"homepage":18,"download_link":107,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"digital-signature-for-contact-form-7","Digital Signature For Contact Form 7","1.0","silverplugins217","https:\u002F\u002Fprofiles.wordpress.org\u002Fsilverplugins217\u002F","\u003Cp>\u003Cstrong>Contact Form 7 Signature Addon\u003C\u002Fstrong> making autographs of people who want to get an E-signature in the system. We build too easy to access and use for users can sign your contact forms.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>For Example\u003C\u002Fstrong>\u003Cbr \u002F>\nIf some of the agreements and contracts need to sign digitally then via mouse and touch screen they can do an autograph on the form. that for a reason we build \u003Cstrong>Contact form 7 Signature Field\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FlPfBadQp44E?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch3>FEATURES FOR DIGITAL SIGNATURE FOR CONTACT FORM 7:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>Can change the signature pad background color and pen color.\u003C\u002Fli>\n\u003Cli>Signature field is required or not an option.\u003C\u002Fli>\n\u003Cli>Can add a custom class and id in signature pad\u003C\u002Fli>\n\u003Cli>open any form then you can see \u003Cstrong>digital_signature\u003C\u002Fstrong> button on top.\u003C\u002Fli>\n\u003Cli>Draw your signature then you can clear the signature pad\u003C\u002Fli>\n\u003Cli>Can add signature field name in File attachments then send signature attachment in the email.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.plugin999.com\u002Fplugin\u002Fdigital-signature-for-contact-form-7\u002F\" rel=\"nofollow ugc\">\u003Cstrong>📽Get Pro\u003C\u002Fstrong>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fplugin999.com\u002Fdemo\u002Fdigital-signature-for-contact-form-7\u002F\" rel=\"nofollow ugc\">\u003Cstrong>📽Demo\u003C\u002Fstrong>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.plugin999.com\u002Fdocs-category\u002Fdigital-signature-for-contact-form-7\u002F\" rel=\"nofollow ugc\">\u003Cstrong>📽Documention\u003C\u002Fstrong>\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fwww.plugin999.com\u002Fsupport\u002F\" rel=\"nofollow ugc\">\u003Cstrong>📽Support\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>FEATURES FOR DIGITAL SIGNATURE FOR CONTACT FORM 7 PREMIUM:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Multiple Signature Support in One form\u003C\u002Fli>\n\u003Cli>Attachment In Signature Support\u003C\u002Fli>\n\u003Cli>Customize signature pad width and height options.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>CONTRIBUTE AND TRANSLATE\u003C\u002Fh3>\n\u003Cp>Digital Signature For Contact Form 7 is translated into multiple languages Chinese, Dutch, Russian, Spanish, and many more. Help localize Digital Signature For Contact Form 7 even further by adding your locale Language. \u003Ca href=\"https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Fdigital-signature-for-contact-form-7\" rel=\"nofollow ugc\">Click Here\u003C\u002Fa>\u003C\u002Fp>\n","Contact Form 7 Signature Addon making autographs of people who want to get an E-signature in the system. We build too easy to access and use for users &hellip;",5000,16719,98,14,"2026-01-24T04:54:00.000Z","5.0",[21,103,104,105,106],"digital","digital-signature","signature-contact-form-7","signature-field","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fdigital-signature-for-contact-form-7.zip",{"slug":109,"name":110,"version":111,"author":112,"author_profile":113,"description":114,"short_description":115,"active_installs":116,"downloaded":117,"rating":118,"num_ratings":119,"last_updated":120,"tested_up_to":77,"requires_at_least":121,"requires_php":55,"tags":122,"homepage":125,"download_link":126,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"cf7-popups","Popups – Submission Messages For Contact Form 7","1.2.1","codeworkweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fcodeworkweb\u002F","\u003Cp>This plugin will replace default messages shown by contact form 7 with beautiful popup messages. The plugin handles all error messages, success messages with beautiful popup message.\u003C\u002Fp>\n\u003Ch4>Why Popups from \u003Ca href=\"https:\u002F\u002Fcodeworkweb.com\u002F\" rel=\"nofollow ugc\">Code Work Web\u003C\u002Fa>:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Easy to Use\u003C\u002Fli>\n\u003Cli>Lightweight\u003C\u002Fli>\n\u003Cli>Responsive\u003C\u002Fli>\n\u003Cli>Translation Ready\u003C\u002Fli>\n\u003Cli>24\u002F7\u002F365 Support\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Check Premium Version \u003Ca href=\"https:\u002F\u002Fcodeworkweb.com\u002Fwordpress-plugins\u002Fcontact-form-power-pack\u002F\" rel=\"nofollow ugc\">Power Pack For Contact Form 7\u003C\u002Fa>:\u003C\u002Fh4>\n\u003Ch4>Feedback\u003C\u002Fh4>\n\u003Cp>If you like this plugin, then please leave us a good rating and review.\u003C\u002Fp>\n","Display contact form 7 default messages in stylish popup as user submits the form.",3000,43296,94,6,"2025-09-18T02:39:00.000Z","5.6",[123,82,21,58,124],"cf7","popup-messages","https:\u002F\u002Fcodeworkweb.com\u002Fplugins\u002Fcf7-popups\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-popups.1.2.1.zip",{"slug":128,"name":129,"version":130,"author":131,"author_profile":132,"description":133,"short_description":134,"active_installs":135,"downloaded":136,"rating":13,"num_ratings":14,"last_updated":137,"tested_up_to":138,"requires_at_least":139,"requires_php":121,"tags":140,"homepage":142,"download_link":143,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"serial-number-for-contact-form-7","Serial Number for Contact Form 7","2.4.0","Nobuntu","https:\u002F\u002Fprofiles.wordpress.org\u002Fnobuntu87\u002F","\u003Cp>The “Serial Number for Contact Form 7” plugin add your own mail-tag that displays serial number to the “Contact Form 7” plugin.\u003C\u002Fp>\n\u003Cp>Just like other standard mail-tags, it works by placing it anywhere in the mail template.\u003C\u002Fp>\n\u003Cp>You can customize the display format for each contact form.\u003C\u002Fp>\n\u003Ch4>Docs and Support\u003C\u002Fh4>\n\u003Cp>You can find \u003Ca href=\"https:\u002F\u002Fnobuntu.jp\u002Fblog\u002Fserial-number-for-contact-form-7\u002Fdocs\u002F\" rel=\"nofollow ugc\">Docs\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fnobuntu.jp\u002Fblog\u002Fserial-number-for-contact-form-7\u002Ffaq\u002F\" rel=\"nofollow ugc\">FAQ\u003C\u002Fa>, and more detailed information about the plugin on the \u003Ca href=\"https:\u002F\u002Fnobuntu.jp\u002Fblog\u002Fcategory\u002Fserial-number-for-contact-form-7\u002F\" rel=\"nofollow ugc\">official website\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Required plugins\u003C\u002Fh4>\n\u003Cp>To use this plugin, you need to install the following plugins.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\" rel=\"ugc\">Contact Form 7\u003C\u002Fa> by Takayuki Miyoshi\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Recommended plugins\u003C\u002Fh4>\n\u003Cp>Some plugins that save submitted messages can also save the serial number as well.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fflamingo\u002F\" rel=\"ugc\">Flamingo\u003C\u002Fa> by Takayuki Miyoshi\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-cfdb7\u002F\" rel=\"ugc\">Contact Form 7 Database Addon – CFDB7\u003C\u002Fa> by Arshid\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>* Operation is not guaranteed.\u003C\u002Fp>\n\u003Ch4>Thank you for your support\u003C\u002Fh4>\n\u003Cp>Your support is needed to continue the development and support of the Plugin, which we distribute free of charge.\u003C\u002Fp>\n\u003Cp>If you like the plugin, please consider \u003Ca href=\"https:\u002F\u002Fnobuntu.jp\u002Fblog\u002Fserial-number-for-contact-form-7\u002Fdonate\u002F\" rel=\"nofollow ugc\">making a small donation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Your donation will help us continue development and provide better support.\u003C\u002Fp>\n","Add-on for Contact Form 7 plugin. Add your own mail-tag to display the serial number.",2000,10095,"2023-06-20T03:47:00.000Z","6.2.9","6.0",[21,58,141],"serial-number","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fserial-number-for-contact-form-7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fserial-number-for-contact-form-7.2.4.0.zip",{"attackSurface":145,"codeSignals":193,"taintFlows":238,"riskAssessment":273,"analyzedAt":281},{"hooks":146,"ajaxHandlers":189,"restRoutes":190,"shortcodes":191,"cronEvents":192,"entryPointCount":28,"unprotectedCount":28},[147,152,156,160,164,168,173,177,181,185],{"type":148,"name":149,"callback":150,"file":151,"line":35},"action","admin_menu","create_admin_menus","admin\\gna-contact-form-7-sms-admin-init.php",{"type":148,"name":153,"callback":154,"file":151,"line":155},"admin_print_scripts","admin_menu_page_scripts",19,{"type":148,"name":157,"callback":158,"file":151,"line":159},"admin_print_styles","admin_menu_page_styles",20,{"type":148,"name":161,"callback":162,"file":151,"line":163},"admin_init","register_gna_contact_form_7_sms_settings",49,{"type":148,"name":165,"callback":166,"priority":28,"file":167,"line":159},"init","plugin_init","gna-contact-form-7-sms-core.php",{"type":169,"name":170,"callback":171,"priority":11,"file":167,"line":172},"filter","plugin_row_meta","filter_plugin_meta",21,{"type":148,"name":174,"callback":175,"file":167,"line":176},"plugins_loaded","gna_plugin_load_textdomain",22,{"type":148,"name":178,"callback":179,"file":167,"line":180},"wpcf7_mail_sent","gna_wpcf7_mail_sent_function",57,{"type":169,"name":182,"callback":183,"file":167,"line":184},"wpcf7_editor_panels","sms_template_panel",58,{"type":148,"name":186,"callback":187,"file":167,"line":188},"wpcf7_after_save","save_form",59,[],[],[],[],{"dangerousFunctions":194,"sqlUsage":195,"outputEscaping":197,"fileOperations":28,"externalRequests":28,"nonceChecks":86,"capabilityChecks":28,"bundledLibraries":237},[],{"prepared":28,"raw":28,"locations":196},[],{"escaped":28,"rawEcho":155,"locations":198},[199,202,204,205,207,209,211,212,214,216,219,221,222,224,226,228,230,232,235],{"file":200,"line":35,"context":201},"admin\\gna-contact-form-7-sms-admin-menu.php","raw output",{"file":200,"line":203,"context":201},17,{"file":200,"line":155,"context":201},{"file":200,"line":206,"context":201},29,{"file":200,"line":208,"context":201},31,{"file":200,"line":210,"context":201},51,{"file":200,"line":180,"context":201},{"file":200,"line":213,"context":201},63,{"file":200,"line":215,"context":201},69,{"file":217,"line":218,"context":201},"admin\\gna-contact-form-7-sms-admin-settings-menu.php",40,{"file":217,"line":220,"context":201},87,{"file":217,"line":62,"context":201},{"file":217,"line":223,"context":201},134,{"file":217,"line":225,"context":201},140,{"file":217,"line":227,"context":201},146,{"file":217,"line":229,"context":201},152,{"file":217,"line":231,"context":201},164,{"file":233,"line":234,"context":201},"templates\\default.php",25,{"file":233,"line":236,"context":201},35,[],[239,256,264],{"entryPoint":240,"graph":241,"unsanitizedCount":28,"severity":255},"render_tab1 (admin\\gna-contact-form-7-sms-admin-settings-menu.php:64)",{"nodes":242,"edges":252},[243,247],{"id":244,"type":245,"label":246,"file":217,"line":220},"n0","source","$_SERVER['REQUEST_URI']",{"id":248,"type":249,"label":250,"file":217,"line":220,"wp_function":251},"n1","sink","echo() [XSS]","echo",[253],{"from":244,"to":248,"sanitized":254},true,"low",{"entryPoint":257,"graph":258,"unsanitizedCount":28,"severity":255},"render_tab2 (admin\\gna-contact-form-7-sms-admin-settings-menu.php:109)",{"nodes":259,"edges":262},[260,261],{"id":244,"type":245,"label":246,"file":217,"line":223},{"id":248,"type":249,"label":250,"file":217,"line":223,"wp_function":251},[263],{"from":244,"to":248,"sanitized":254},{"entryPoint":265,"graph":266,"unsanitizedCount":28,"severity":255},"\u003Cgna-contact-form-7-sms-admin-settings-menu> (admin\\gna-contact-form-7-sms-admin-settings-menu.php:0)",{"nodes":267,"edges":271},[268,270],{"id":244,"type":245,"label":269,"file":217,"line":220},"$_SERVER['REQUEST_URI'] (x2)",{"id":248,"type":249,"label":250,"file":217,"line":220,"wp_function":251},[272],{"from":244,"to":248,"sanitized":254},{"summary":274,"deductions":275},"The \"gna-contact-form-7-sms\" plugin v1.0.5 exhibits a mixed security posture.  On the positive side, it has a very small attack surface with no identified AJAX handlers, REST API routes, shortcodes, or cron events.  Furthermore, the plugin uses prepared statements for all SQL queries and has no file operations or external HTTP requests, which are excellent security practices.  The absence of known CVEs and a clean vulnerability history are also positive indicators.\n\nHowever, there are significant concerns regarding output escaping.  With 19 total outputs and 0% properly escaped, this represents a major risk for cross-site scripting (XSS) vulnerabilities. Any user-supplied data displayed on the frontend without proper sanitization or escaping could be exploited.  While the taint analysis shows no unsanitized flows, this might be due to the limited scope of the analysis or the lack of exploitable entry points for data to become tainted in the first place. The presence of nonce checks is good, but the complete absence of capability checks on any potential entry points is a concern if any were to be discovered or introduced in the future.\n\nIn conclusion, while the plugin has a strong foundation in terms of preventing SQL injection and limiting its attack surface, the critical lack of output escaping leaves it vulnerable to XSS attacks.  This is the primary area requiring immediate attention. The absence of capability checks also represents a potential weakness if the plugin's functionality were to expand.",[276,278],{"reason":277,"points":35},"Unescaped output",{"reason":279,"points":280},"Missing capability checks",5,"2026-03-17T01:44:43.982Z",{"wat":283,"direct":291},{"assetPaths":284,"generatorPatterns":286,"scriptPaths":287,"versionParams":288},[285],"\u002Fwp-content\u002Fplugins\u002Fgna-contact-form-7-sms\u002Fassets\u002Fcss\u002Fgna-contact-form-7-sms-admin-styles.css",[],[],[289,290],"gna-contact-form-7-sms\u002Fstyle.css?ver=","gna-contact-form-7-sms\u002Fadmin\u002Fjs\u002Fgna-contact-form-7-sms-admin-scripts.js?ver=",{"cssClasses":292,"htmlComments":293,"htmlAttributes":294,"restEndpoints":296,"jsGlobals":297,"shortcodeOutput":299},[],[],[295],"data-g_cfs_form_id",[],[298],"GNA_ContactForm7SMS_Admin",[],{"error":254,"url":301,"statusCode":302,"statusMessage":303,"message":303},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fgna-contact-form-7-sms\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":305,"versions":306},12,[307,313,320,327,334,341,348,355,362,369,376,383],{"version":6,"download_url":26,"svn_tag_url":308,"released_at":29,"has_diff":309,"diff_files_changed":310,"diff_lines":29,"trac_diff_url":311,"vulnerabilities":312,"is_current":254},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.5\u002F",false,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.4&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.5",[],{"version":314,"download_url":315,"svn_tag_url":316,"released_at":29,"has_diff":309,"diff_files_changed":317,"diff_lines":29,"trac_diff_url":318,"vulnerabilities":319,"is_current":309},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.3&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.4",[],{"version":321,"download_url":322,"svn_tag_url":323,"released_at":29,"has_diff":309,"diff_files_changed":324,"diff_lines":29,"trac_diff_url":325,"vulnerabilities":326,"is_current":309},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.2&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.3",[],{"version":328,"download_url":329,"svn_tag_url":330,"released_at":29,"has_diff":309,"diff_files_changed":331,"diff_lines":29,"trac_diff_url":332,"vulnerabilities":333,"is_current":309},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.1&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.2",[],{"version":335,"download_url":336,"svn_tag_url":337,"released_at":29,"has_diff":309,"diff_files_changed":338,"diff_lines":29,"trac_diff_url":339,"vulnerabilities":340,"is_current":309},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.0&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.1",[],{"version":342,"download_url":343,"svn_tag_url":344,"released_at":29,"has_diff":309,"diff_files_changed":345,"diff_lines":29,"trac_diff_url":346,"vulnerabilities":347,"is_current":309},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F1.0.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.8&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F1.0.0",[],{"version":349,"download_url":350,"svn_tag_url":351,"released_at":29,"has_diff":309,"diff_files_changed":352,"diff_lines":29,"trac_diff_url":353,"vulnerabilities":354,"is_current":309},"0.9.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.7&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.8",[],{"version":356,"download_url":357,"svn_tag_url":358,"released_at":29,"has_diff":309,"diff_files_changed":359,"diff_lines":29,"trac_diff_url":360,"vulnerabilities":361,"is_current":309},"0.9.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.6&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.7",[],{"version":363,"download_url":364,"svn_tag_url":365,"released_at":29,"has_diff":309,"diff_files_changed":366,"diff_lines":29,"trac_diff_url":367,"vulnerabilities":368,"is_current":309},"0.9.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.5&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.6",[],{"version":370,"download_url":371,"svn_tag_url":372,"released_at":29,"has_diff":309,"diff_files_changed":373,"diff_lines":29,"trac_diff_url":374,"vulnerabilities":375,"is_current":309},"0.9.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.2&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.5",[],{"version":377,"download_url":378,"svn_tag_url":379,"released_at":29,"has_diff":309,"diff_files_changed":380,"diff_lines":29,"trac_diff_url":381,"vulnerabilities":382,"is_current":309},"0.9.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.1&new_path=%2Fgna-contact-form-7-sms%2Ftags%2F0.9.2",[],{"version":384,"download_url":385,"svn_tag_url":386,"released_at":29,"has_diff":309,"diff_files_changed":387,"diff_lines":29,"trac_diff_url":29,"vulnerabilities":388,"is_current":309},"0.9.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgna-contact-form-7-sms.0.9.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fgna-contact-form-7-sms\u002Ftags\u002F0.9.1\u002F",[],[]]