WP-Safety

Integrate Dynamics 365 CRM Security & Risk Analysis

wordpress.org/plugins/integrate-dynamics-365-crm

Sync form data to create leads, contacts in Dynamics 365. Bi-directional sync WooCommerce orders, products, refunds with Dynamics 365 CRM & Busine …

80 active installs v1.1.2 PHP 7.0+ WP 5.5+ Updated Jan 13, 2026
crmdynamics-365dynamics-crmformsmicrosoft
98
A · Safe
CVEs total2
Unpatched0
Last CVEJan 16, 2026
Plugin page Download
Safety Verdict

Is Integrate Dynamics 365 CRM Safe to Use in 2026?

Generally Safe

Score 98/100

Integrate Dynamics 365 CRM has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

2 known CVEsLast CVE: Jan 16, 2026Updated 4mo ago
Risk Assessment

The "integrate-dynamics-365-crm" plugin v1.1.2 exhibits a mixed security posture. While it demonstrates good practices such as 100% prepared statement usage for SQL queries and a high percentage of properly escaped output, significant concerns arise from its attack surface and historical vulnerabilities. The presence of two unprotected AJAX handlers represents a direct pathway for attackers to interact with the plugin without proper authentication, creating a notable risk.

The taint analysis indicates one flow with an unsanitized path, though it is not classified as critical or high severity. This still warrants attention as it suggests a potential for input manipulation that might lead to unexpected behavior or vulnerabilities. The plugin's history shows two medium-severity vulnerabilities, specifically Cross-Site Scripting and Missing Authentication for Critical Functions. The fact that the last vulnerability was dated 2026-01-16 and is currently unpatched is highly concerning and suggests a lack of ongoing security maintenance or a very recent, unaddressed issue.

Overall, the plugin has strengths in its database interaction and output handling. However, the unprotected entry points and the recent, unpatched medium vulnerabilities significantly elevate the risk. The combination of an exposed attack surface and a history of critical vulnerability types indicates potential weaknesses that could be exploited. While no critical or high severity issues are immediately apparent in the static analysis, the historical context and the unprotected AJAX handlers necessitate caution.

Key Concerns

  • Unprotected AJAX handlers (2)
  • Taint flow with unsanitized path (1)
  • Historically unpatched medium CVEs (2)
  • Vulnerability history includes Missing Auth
  • Vulnerability history includes XSS
Vulnerabilities
2 published

Integrate Dynamics 365 CRM Security Vulnerabilities

CVEs by Year

1 CVE in 2025
2025
1 CVE in 2026
2026
Patched Has unpatched

Severity Breakdown

Medium
2

2 total CVEs

CVE-2026-0725medium · 4.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Field Mapping Configuration

Jan 16, 2026 Patched in 1.1.2 (1d)
CVE-2025-10746medium · 6.5Missing Authentication for Critical Function

Integrate Dynamics 365 CRM <= 1.0.9 - Missing Authorization

Oct 3, 2025 Patched in 1.1.0 (1d)
Version History

Integrate Dynamics 365 CRM Release Timeline

v1.1.2Current
v1.1.11 CVE
CVE-2026-0725
v1.1.01 CVE
CVE-2026-0725
v1.0.92 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.82 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.72 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.62 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.52 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.42 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.32 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.22 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.12 CVEs
CVE-2026-0725 CVE-2025-10746
v1.0.02 CVEs
CVE-2026-0725 CVE-2025-10746
v0.0.52 CVEs
CVE-2026-0725 CVE-2025-10746
Code Analysis
Analyzed Mar 16, 2026

Integrate Dynamics 365 CRM Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
28 prepared
Unescaped Output
36
387 escaped
Nonce Checks
13
Capability Checks
6
File Operations
0
External Requests
12
Bundled Libraries
2

Bundled Libraries

Select2jQuery

SQL Query Safety

100% prepared28 total queries

Output Escaping

91% escaped423 total outputs
Data Flows · Security
1 unsanitized

Data Flow Analysis

2 flows1 with unsanitized paths
mo_dcrm_test_object_mapping (Observer\class-adminobserver.php:462)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
2 unprotected

Integrate Dynamics 365 CRM Attack Surface

Entry Points2
Unprotected2

AJAX Handlers 2

authwp_ajax_mo_gfdcrm_integrateintegrate-dynamics-365-crm.php:72
authwp_ajax_mo_cf7dcrm_integrateintegrate-dynamics-365-crm.php:73
WordPress Hooks 9
actionadmin_menuintegrate-dynamics-365-crm.php:66
actionadmin_enqueue_scriptsintegrate-dynamics-365-crm.php:67
actionadmin_footerintegrate-dynamics-365-crm.php:68
actionadmin_enqueue_scriptsintegrate-dynamics-365-crm.php:69
actionadmin_initintegrate-dynamics-365-crm.php:70
actioninitintegrate-dynamics-365-crm.php:71
filterwpcf7_posted_dataintegrate-dynamics-365-crm.php:75
filtergform_after_submissionintegrate-dynamics-365-crm.php:76
filterninja_forms_submit_dataintegrate-dynamics-365-crm.php:77
Maintenance & Trust

Integrate Dynamics 365 CRM Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedJan 13, 2026
PHP min version7.0
Downloads4K

Community Trust

Rating100/100
Number of ratings6
Active installs80
Alternatives

Integrate Dynamics 365 CRM Alternatives

Dynamics 365 Integration

Dynamics 365 Integration

integration-dynamics

A
86

The easiest way to connect Dynamics 365 or Dynamics CRM with WordPress.

600 6 CVEs
WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms

cf7-dynamics-crm

A
99

Send Contact Form 7, WPForms, Elementor, Ninja Forms, CRM Perks Forms and many other contact form submissions to dynamics crm Online.

300 1 CVE
WP Gravity Forms Dynamics CRM

WP Gravity Forms Dynamics CRM

gf-dynamics-crm

A
99

Gravity Forms Dynamics CRM Add-on sends Gravity Forms entries to Dynamics CRM Online.

300 2 CVEs
Dataverse Integration

Dataverse Integration

integration-cds

A
98

The easiest way to integrate WordPress with Dynamics 365, Dataverse, Power Apps, or Dynamics CRM.

100 1 CVE
HubSpot All-In-One Marketing – Forms, Popups, Live Chat

HubSpot All-In-One Marketing – Forms, Popups, Live Chat

leadin

A
95

The CRM, Sales, and Marketing WordPress plugin to grow your business better. Capture and engage web visitors with free live chat, forms, CRM, email ma &hellip;

200K 3 CVEs
Developer Profile

Integrate Dynamics 365 CRM Developer Profile

miniOrange

41 plugins · 83K total installs

76
trust score
Avg Security Score
96/100
Avg Patch Time
324 days
View full developer profile
Detection Fingerprints

How We Detect Integrate Dynamics 365 CRM

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/integrate-dynamics-365-crm/includes/css/mo_dcrm_settings.css/wp-content/plugins/integrate-dynamics-365-crm/includes/css/phone.css/wp-content/plugins/integrate-dynamics-365-crm/includes/css/support.css/wp-content/plugins/integrate-dynamics-365-crm/includes/css/mo_dcrm_alert_css.css/wp-content/plugins/integrate-dynamics-365-crm/includes/css/select2.min.css/wp-content/plugins/integrate-dynamics-365-crm/includes/js/mo_dcrm_settings.js/wp-content/plugins/integrate-dynamics-365-crm/includes/js/select2.min.js
Version Parameters
integrate-dynamics-365-crm/includes/css/mo_dcrm_settings.css?ver=integrate-dynamics-365-crm/includes/css/phone.css?ver=integrate-dynamics-365-crm/includes/css/support.css?ver=integrate-dynamics-365-crm/includes/css/mo_dcrm_alert_css.css?ver=integrate-dynamics-365-crm/includes/css/select2.min.css?ver=integrate-dynamics-365-crm/includes/js/mo_dcrm_settings.js?ver=integrate-dynamics-365-crm/includes/js/select2.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
mo-dcrm-object-mapping-table
Data Attributes
data-pluginurl
FAQ

Frequently Asked Questions about Integrate Dynamics 365 CRM