Does iaRe CRM have any unpatched vulnerabilities?

No. All known vulnerabilities in iaRe CRM have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is iaRe CRM compatible with WordPress 6.9.4?

According to WordPress.org data, iaRe CRM 1.1.1 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is iaRe CRM compatible with PHP 7.4+?

iaRe CRM requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is iaRe CRM updated?

iaRe CRM was last updated on Unknown. Frequent updates are generally a positive security signal.

What is iaRe CRM's security score?

iaRe CRM has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

iaRe CRM Security & Risk Analysis

wordpress.org/plugins/iare-crm

Integração completa com o iaRe CRM para captura e gerenciamento de leads com suporte nativo do Elementor.

0 active installs v1.1.1 PHP 7.4+ WP 6.3+ Updated Unknown

crmelementorform-integrationintegrationlead-capture

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is iaRe CRM Safe to Use in 2026?

Generally Safe

Score 100/100

iaRe CRM has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "iare-crm" plugin v1.1.1 demonstrates a strong security posture based on the provided static analysis and vulnerability history. The code effectively utilizes prepared statements for all SQL queries and properly escapes all output, mitigating common risks like SQL injection and cross-site scripting (XSS). Furthermore, the plugin implements nonce and capability checks for all identified AJAX entry points, indicating a commitment to preventing unauthorized actions.

Despite these strengths, the analysis reveals two flows with unsanitized paths. While classified as not critical or high severity, these unsanitized paths represent potential vectors for vulnerabilities if they involve user-supplied input that is not sufficiently validated or sanitized before being used in file operations or other sensitive contexts. The absence of any known past vulnerabilities is a positive sign, suggesting a generally well-maintained codebase. However, the presence of unsanitized paths warrants attention, as they could lead to issues not captured by the current analysis or future threats.

In conclusion, the plugin exhibits good security practices with robust protection for its AJAX handlers and database interactions. The primary area of concern lies in the identified unsanitized paths, which, although not currently classified as high-risk, represent a potential weakness that should be investigated and remediated to ensure a fully secure implementation. The lack of historical vulnerabilities is a significant strength.

Key Concerns

Flows with unsanitized paths detected

Vulnerabilities

None known

iaRe CRM Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

iaRe CRM Code Analysis

Dangerous Functions

Raw SQL Queries

4 prepared

Unescaped Output

65 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared4 total queries

Output Escaping

100% escaped65 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

handle_form_submission (app\admin\pages\settings-page.php:46)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

iaRe CRM Attack Surface

Entry Points5

Unprotected0

AJAX Handlers 5

authwp_ajax_iare_crm_test_connectionapp\admin\pages\settings-page.php:22

authwp_ajax_iare_crm_get_locationapp\api\geolocation-endpoints.php:19

noprivwp_ajax_iare_crm_get_locationapp\api\geolocation-endpoints.php:22

authwp_ajax_iare_crm_test_location_apiapp\api\geolocation-endpoints.php:25

noprivwp_ajax_iare_crm_test_location_apiapp\api\geolocation-endpoints.php:26

WordPress Hooks 28

actionadmin_menuapp\admin\menu-manager.php:18

actionadmin_enqueue_scriptsapp\admin\menu-manager.php:19

actionadmin_initapp\admin\menu-manager.php:20

actionadmin_headapp\admin\menu-manager.php:21

actionadmin_noticesapp\admin\menu-manager.php:147

actionall_admin_noticesapp\admin\menu-manager.php:148

actionuser_admin_noticesapp\admin\menu-manager.php:149

actionnetwork_admin_noticesapp\admin\menu-manager.php:150

filteradmin_footer_textapp\admin\menu-manager.php:163

filterupdate_footerapp\admin\menu-manager.php:164

actionadmin_initapp\admin\pages\debug-page.php:21

actionadmin_post_iare_crm_clear_debug_logsapp\admin\pages\debug-page.php:22

actionadmin_post_iare_crm_download_debug_logsapp\admin\pages\debug-page.php:23

actionadmin_initapp\admin\pages\settings-page.php:21

actioninitapp\core\initializer.php:20

actionplugins_loadedapp\core\initializer.php:48

actionwp_enqueue_scriptsapp\core\initializer.php:68

actionadmin_enqueue_scriptsapp\core\initializer.php:71

actionplugins_loadedapp\integrations\elementor\elementor-integration-manager.php:30

actionadmin_noticesapp\integrations\elementor\elementor-integration-manager.php:44

actionadmin_noticesapp\integrations\elementor\elementor-integration-manager.php:50

actionelementor/initapp\integrations\elementor\elementor-integration-manager.php:54

actionadmin_noticesapp\integrations\elementor\elementor-integration-manager.php:71

actionelementor_pro/forms/actions/registerapp\integrations\elementor\elementor-integration-manager.php:81

actionwp_enqueue_scriptsapp\integrations\elementor\services\utm-capture-service.php:30

filteriare_crm_elementor_form_dataapp\integrations\elementor\services\utm-capture-service.php:31

actioninitiare-crm.php:38

actionplugins_loadediare-crm.php:46

Maintenance & Trust

iaRe CRM Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedUnknown

PHP min version7.4

Downloads367

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

iaRe CRM Alternatives

Connect Elementor Forms to Google Sheets Addon

wpsyncsheets-elementor

100

Easily connect Elementor Pro Forms to Google Sheets and automatically sync form entries in real-time—no coding required, simple, secure, and one-time …

800 1 CVE

WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

cf7-dynamics-crm

Send Contact Form 7, WPForms, Elementor, Ninja Forms, CRM Perks Forms and many other contact form submissions to dynamics crm Online.

300 1 CVE

Vtiger CRM Integration for WordPress

wp-tiger

Elevate Lead Capture and CRM Integration Effortlessly with Vtiger CRM Integration for WordPress

300 No CVEs

Integration Sendy for Elementor

integration-sendy-elementor

Easily connect Elementor Pro forms to Sendy and automatically grow your email list with just a few clicks—no third-party tools required.

40 No CVEs

Salesforce Integration for WordPress

wp-salesforce

Streamline Lead Capture, User Sync, and CRM Integration Effortlessly with Salesforce Integration for WordPress.

40 No CVEs

Developer Profile

iaRe CRM Developer Profile

iaRe

1 plugin · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect iaRe CRM

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/iare-crm/assets/css/admin/settings.css/wp-content/plugins/iare-crm/assets/css/admin/debug.css/wp-content/plugins/iare-crm/assets/js/admin/settings.js

Version Parameters

iare-crm/assets/css/admin/settings.css?ver=iare-crm/assets/css/admin/debug.css?ver=iare-crm/assets/js/admin/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

iare-crm-admin

JS Globals

iareCrmAjax

FAQ