[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fUfbrph1bzeLsdUZlSaWBWk-1tIEc4CbwVosGVZP3mT8":3,"$fyrNHnVlgKyQFWe2yhF-hTSKw_rL7OXySQzdZc0n6INE":553,"$fkvyjCX5zwtYnTYi6t1UieJ5APpUMUg4OK8hJ8aU3Cdk":557},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"discovery_status":32,"vulnerabilities":33,"developer":85,"crawl_stats":39,"alternatives":93,"analysis":94,"fingerprints":532},"integration-for-contact-form-7-and-pipedrive","Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms","1.2.6","CRM Perks","https:\u002F\u002Fprofiles.wordpress.org\u002Fcrmperks\u002F","\u003Cp>Contact Form 7 Pipedrive extension sends form submissions from \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-7\u002F\" rel=\"ugc\">Contact Form 7\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpforms-lite\u002F\" rel=\"ugc\">WPforms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Felementor\u002F\" rel=\"ugc\">Elementor Forms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fninja-forms\u002F\" rel=\"ugc\">Ninja Forms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformidable\u002F\" rel=\"ugc\">Formidable Forms\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-form-entries\u002F\" rel=\"ugc\">Contact Form Entries\u003C\u002Fa> and many other popular contact form plugins to Pipedrive when anyone submits a form. Learn more at \u003Ca href=\"https:\u002F\u002Fwww.crmperks.com\u002Fplugins\u002Fcontact-form-plugins\u002Fcontact-form-pipedrive-plugin\u002F?utm_source=wordpress&utm_medium=directory&utm_campaign=pipedrive_readme\" rel=\"nofollow ugc\">crmperks.com\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Contact form 7 Pipedrive integration\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Go to “Pipedrive Accounts” tab then add new account.\u003C\u002Fli>\n\u003Cli>Go to “Pipedrive Feeds” tab then create a new feed.\u003C\u002Fli>\n\u003Cli>Map required pipedrive fields to contact form fields.\u003C\u002Fli>\n\u003Cli>Send your test entry to pipedrive by clicking “send to pipedrive” button.\u003C\u002Fli>\n\u003Cli>Go to “Pipedrive Logs” tab and verify status of previously sent entry.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Connect Pipedrive CRM account\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Connect any contact form 7 to Pipedrive account by simply entering Pipedrive API key. Additionally, you can connect multiple Pipedrive accounts to Contact Form 7.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Map Pipedrive fields\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Select any pipedrive Object then Map pipedrive Object fields to any contact form 7 fields. Plugin displays  all pipedrive fields.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Filter contact form 7  submissions\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Filter contact form 7 submissions sent to Pipedrive based on user input. For example , send those customers to Pipedrive who check “Subscribe to newsletter” checkbox.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Manually send to Pipedrive\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Send contact form 7 submissions to Pipedrive when someone submits a contact form. You can manually send contact form 7 submissions to Pipedrive by clicking “Send to Pipedrive” button.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Pipedrive logs\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>View a detailed log of each contact form 7 submission Whether sent or not sent to Pipedrive and easily resend contact form 7 submission to Pipedrive.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send Data As Pipedrive Contact Notes\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Send one to many contact form 7 form fields as Pipedrive Object notes when someone submits a contact form on your site.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Create Or Update Contact in Pipedrive\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>If a Contact already exists in Pipedrive , update it otherwise create a new Contact in Pipedrive.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Premium Version Features.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Following features are available only in premium version \u003Ca href=\"https:\u002F\u002Fwww.crmperks.com\u002Fplugins\u002Fcontact-form-plugins\u002Fcontact-form-pipedrive-plugin\u002F?utm_source=wordpress&utm_medium=directory&utm_campaign=pipedrive_readme\" rel=\"nofollow ugc\">Contact Form 7 Pipedrive Pro\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Phone number field, Marketing Status field and all custom fields of Pipedrive.\u003C\u002Fli>\n\u003Cli>Create Leads in Pipedrive CRM.\u003C\u002Fli>\n\u003Cli>Create Organizations and Deals in Pipedrive.\u003C\u002Fli>\n\u003Cli>Assign Organizations and Deals to Contacts in Pipedrive.\u003C\u002Fli>\n\u003Cli>Assign Owner to Contacts, Organizations and Deals in Pipedrive.\u003C\u002Fli>\n\u003Cli>Google Analytics Parameters and Geolocation of a visitor who submitted the form.\u003C\u002Fli>\n\u003Cli>Lookup lead’s email and phone using email and phone lookup apis.\u003C\u002Fli>\n\u003Cli>20+ premium addons\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch3>Need Pipedrive Plugin for Gravity Forms ?\u003C\u002Fh3>\n\u003Cp>We have a separate addon for integrating Gravity Forms and Pipedrive CRM \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fintegration-for-gravity-forms-and-pipedrive\u002F\" rel=\"ugc\">Gravity Forms Pipedrive\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Need Pipedrive Plugin for Woocommerce ?\u003C\u002Fh3>\n\u003Cp>We have Pipedrive add-on for Woocommerce. \u003Ca href=\"https:\u002F\u002Fwww.crmperks.com\u002Fplugins\u002Fwoocommerce-plugins\u002Fwoocommerce-pipedrive-plugin\u002F?utm_source=wordpress&utm_medium=directory&utm_campaign=cf7_pipedrive_CRM_readme\" rel=\"nofollow ugc\">Woocommerce Pipedrive Plugin\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Want to send data to crm\u003C\u002Fh3>\n\u003Cp>We have Premium Extensions for 20+ CRMs.\u003Ca href=\"https:\u002F\u002Fwww.crmperks.com\u002Fplugin-category\u002Fcontact-form-plugins\u002F?utm_source=wordpress&utm_medium=directory&utm_campaign=pipedrive_readme\" rel=\"nofollow ugc\">View All CRM Extensions\u003C\u002Fa>\u003C\u002Fp>\n","Send Contact Form 7, WPForms, Elementor, Ninja Forms, CRM Perks Forms and many other contact form submissions to Pipedrive.",1000,27973,100,26,"2026-03-22T11:21:00.000Z","6.9.4","3.8","5.3",[20,21,22,23,24],"contact-form-7-pipedrive","contact-form-7-pipedrive-integration","elementor-forms-pipedrive","ninja-forms-pipedrive","wpforms-pipedrive","https:\u002F\u002Fwww.crmperks.com\u002Fplugins\u002Fcontact-form-plugins\u002Fcontact-form-pipedrive-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.6.zip",93,3,0,"2025-07-18 16:22:53","2026-04-16T10:56:18.058Z","no_bundle",[34,52,69],{"id":35,"url_slug":36,"title":37,"description":38,"plugin_slug":4,"theme_slug":39,"affected_versions":40,"patched_in_version":41,"severity":42,"cvss_score":43,"cvss_vector":44,"vuln_type":45,"published_date":30,"updated_date":46,"references":47,"days_to_patch":49,"patch_diff_files":50,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2025-7696","integration-for-pipedrive-and-contact-form-7-wpforms-elementor-ninja-forms-unauthenticated-php-object-injection-via-veri","Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms \u003C= 1.2.3 - Unauthenticated PHP Object Injection via verify_field_val Function","The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.3 via deserialization of untrusted input within the verify_field_val() function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted.",null,"\u003C=1.2.3","1.2.4","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Deserialization of Untrusted Data","2025-07-19 04:23:02",[48],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6980112b-a555-47a4-b2d7-f0187d52fc63?source=api-prod",1,[],false,{"id":53,"url_slug":54,"title":55,"description":56,"plugin_slug":4,"theme_slug":39,"affected_versions":57,"patched_in_version":58,"severity":59,"cvss_score":60,"cvss_vector":61,"vuln_type":62,"published_date":63,"updated_date":64,"references":65,"days_to_patch":67,"patch_diff_files":68,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"CVE-2024-34817","integration-for-pipedrive-and-contact-form-7-wpforms-elementor-ninja-forms-cross-site-request-forgery","Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms \u003C= 1.2.0 - Cross-Site Request Forgery","The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the settings_page() function. This makes it possible for unauthenticated attackers to update settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.2.0","1.2.1","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2024-05-09 00:00:00","2024-05-15 20:09:15",[66],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fc761f19e-3263-4fa5-90c0-d661f160ed3a?source=api-prod",7,[],{"id":70,"url_slug":71,"title":72,"description":73,"plugin_slug":4,"theme_slug":39,"affected_versions":74,"patched_in_version":75,"severity":59,"cvss_score":76,"cvss_vector":77,"vuln_type":78,"published_date":79,"updated_date":80,"references":81,"days_to_patch":83,"patch_diff_files":84,"patch_trac_url":39,"research_status":39,"research_verified":51,"research_rounds_completed":29,"research_plan":39,"research_summary":39,"research_vulnerable_code":39,"research_fix_diff":39,"research_exploit_outline":39,"research_model_used":39,"research_started_at":39,"research_completed_at":39,"research_error":39,"poc_status":39,"poc_video_id":39,"poc_summary":39,"poc_steps":39,"poc_tested_at":39,"poc_wp_version":39,"poc_php_version":39,"poc_playwright_script":39,"poc_exploit_code":39,"poc_has_trace":51,"poc_model_used":39,"poc_verification_depth":39},"WF-cc1e9778-2860-4e3c-a2e4-28f10d585fed-integration-for-contact-form-7-and-pipedrive","crm-perks-various-plugins-various-versions-reflected-cross-site-scripting-10","CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting","Multiple CRM Perks plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the 'vx_debug' parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=1.1.0","1.1.1",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2021-08-26 00:00:00","2024-01-22 19:56:02",[82],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcc1e9778-2860-4e3c-a2e4-28f10d585fed?source=api-prod",880,[],{"slug":86,"display_name":7,"profile_url":8,"plugin_count":87,"total_installs":88,"avg_security_score":89,"avg_patch_time_days":90,"trust_score":91,"computed_at":92},"crmperks",32,104660,96,339,76,"2026-05-19T23:30:07.825Z",[],{"attackSurface":95,"codeSignals":256,"taintFlows":458,"riskAssessment":521,"analyzedAt":531},{"hooks":96,"ajaxHandlers":252,"restRoutes":253,"shortcodes":254,"cronEvents":255,"entryPointCount":29,"unprotectedCount":29},[97,103,108,112,116,120,124,128,134,137,140,143,147,151,155,159,163,167,171,175,179,183,187,191,195,199,202,206,210,213,218,221,225,229,233,236,241,245,247],{"type":98,"name":99,"callback":100,"priority":101,"file":102,"line":101},"action","vx_cf_add_meta_box","add_meta_box",10,"includes\\crmperks-cf.php",{"type":98,"name":104,"callback":105,"priority":101,"file":106,"line":107},"cfx_add_meta_box","add_meta_box_crmperks_form","includes\\plugin-pages.php",35,{"type":98,"name":109,"callback":110,"priority":101,"file":106,"line":111},"cfx_form_entry_updated","update_entry_crm_perks_forms",36,{"type":98,"name":113,"callback":114,"priority":101,"file":106,"line":115},"cfx_form_post_note_added","create_note_crm_perks_forms",37,{"type":98,"name":117,"callback":118,"priority":101,"file":106,"line":119},"cfx_form_pre_note_deleted","delete_note_crm_perks_forms",38,{"type":98,"name":121,"callback":122,"priority":101,"file":106,"line":123},"cfx_form_pre_trash_leads","trash_leads_crm_perks_forms",39,{"type":98,"name":125,"callback":126,"priority":101,"file":106,"line":127},"cfx_form_pre_restore_leads","restore_leads_crm_perks_forms",40,{"type":129,"name":130,"callback":131,"priority":132,"file":106,"line":133},"filter","admin_menu","create_menu",50,52,{"type":129,"name":135,"callback":100,"priority":101,"file":106,"line":136},"vx_cf_meta_boxes_right",53,{"type":98,"name":138,"callback":138,"file":106,"line":139},"admin_notices",54,{"type":129,"name":141,"callback":141,"priority":101,"file":106,"line":142},"plugin_action_links",55,{"type":98,"name":144,"callback":145,"file":106,"line":146},"vxcf_entry_submit_btn","entry_checkbox",56,{"type":98,"name":148,"callback":149,"priority":101,"file":106,"line":150},"vx_cf7_post_note_added","create_note_e",58,{"type":98,"name":152,"callback":153,"priority":101,"file":106,"line":154},"vx_cf7_pre_note_deleted","delete_note_e",59,{"type":98,"name":156,"callback":157,"file":106,"line":158},"vx_cf7_pre_trash_leads","trash_leads_e",60,{"type":98,"name":160,"callback":161,"file":106,"line":162},"vx_cf7_pre_restore_leads","restore_leads_e",61,{"type":98,"name":164,"callback":165,"priority":101,"file":106,"line":166},"vx_cf7_entry_updated","update_entry_e",62,{"type":98,"name":168,"callback":169,"priority":101,"file":106,"line":170},"vx_contact_post_note_added","create_note_c",64,{"type":98,"name":172,"callback":173,"priority":101,"file":106,"line":174},"vx_contact_pre_note_deleted","delete_note_c",65,{"type":98,"name":176,"callback":177,"file":106,"line":178},"vx_contact_pre_trash_leads","trash_leads_c",66,{"type":98,"name":180,"callback":181,"file":106,"line":182},"vx_contact_pre_restore_leads","restore_leads_c",67,{"type":98,"name":184,"callback":185,"priority":101,"file":106,"line":186},"vx_contact_entry_updated","update_entry_c",68,{"type":129,"name":188,"callback":189,"priority":101,"file":106,"line":190},"vx_callcenter_entries_action","bulk_send_crm_callcenter",70,{"type":129,"name":192,"callback":193,"file":106,"line":194},"vx_callcenter_bulk_actions","add_bulk_send_crm_callcenter",71,{"type":98,"name":196,"callback":197,"file":198,"line":154},"plugins_loaded","setup_main","integration-for-contact-form-7-and-pipedrive.php",{"type":98,"name":200,"callback":201,"priority":101,"file":198,"line":27},"cfx_form_submitted","entry_created_crmperks",{"type":98,"name":203,"callback":204,"priority":101,"file":198,"line":205},"vxcf_entry_created","entry_created",94,{"type":98,"name":207,"callback":208,"priority":101,"file":198,"line":209},"vx_contact_created","entry_created_contacts",95,{"type":98,"name":211,"callback":212,"priority":101,"file":198,"line":89},"vx_callcenter_entry_created","entry_created_callcenter",{"type":129,"name":214,"callback":215,"priority":216,"file":198,"line":217},"wpcf7_before_send_mail","create_entry_cf",99,98,{"type":98,"name":219,"callback":220,"priority":216,"file":198,"line":13},"frm_after_create_entry","create_entry_fd",{"type":98,"name":222,"callback":223,"priority":216,"file":198,"line":224},"ninja_forms_after_submission","create_entry_na",101,{"type":98,"name":226,"callback":227,"priority":216,"file":198,"line":228},"wpforms_process_entry_save","create_entry_wp",102,{"type":98,"name":230,"callback":231,"priority":216,"file":198,"line":232},"elementor_pro\u002Fforms\u002Fnew_record","create_entry_el",104,{"type":98,"name":234,"callback":234,"file":198,"line":235},"init",107,{"type":129,"name":237,"callback":238,"priority":101,"file":239,"line":240},"plugin_row_meta","pro_link","wp\\crmperks-notices.php",16,{"type":129,"name":242,"callback":243,"priority":49,"file":239,"line":244},"admin_footer_text","admin_footer",24,{"type":98,"name":138,"callback":246,"file":239,"line":14},"install_forms_notice",{"type":129,"name":248,"callback":249,"priority":250,"file":239,"line":251},"plugins_api","forms_info",11,28,[],[],[],[],{"dangerousFunctions":257,"sqlUsage":258,"outputEscaping":282,"fileOperations":451,"externalRequests":451,"nonceChecks":452,"capabilityChecks":453,"bundledLibraries":454},[],{"prepared":259,"raw":260,"locations":261},25,8,[262,266,269,271,274,276,278,280],{"file":263,"line":264,"context":265},"includes\\data.php",292,"$wpdb->query() with variable interpolation",{"file":263,"line":267,"context":268},390,"$wpdb->get_results() with variable interpolation",{"file":263,"line":270,"context":268},482,{"file":263,"line":272,"context":273},511,"$wpdb->get_row() with variable interpolation",{"file":263,"line":275,"context":265},548,{"file":263,"line":277,"context":265},549,{"file":263,"line":279,"context":265},550,{"file":106,"line":281,"context":268},1901,{"escaped":283,"rawEcho":284,"locations":285},331,92,[286,289,291,293,295,297,299,301,302,303,305,307,310,312,313,316,318,320,322,324,326,328,330,332,335,336,337,338,339,341,343,345,347,349,351,353,355,357,360,361,362,363,364,365,366,367,368,369,370,371,373,375,377,379,381,383,385,387,389,391,393,394,396,398,400,402,403,405,407,410,412,414,416,418,420,422,424,425,427,429,431,433,436,438,440,442,443,444,445,446,447,449],{"file":106,"line":287,"context":288},644,"raw output",{"file":106,"line":290,"context":288},694,{"file":106,"line":292,"context":288},1210,{"file":106,"line":294,"context":288},1217,{"file":106,"line":296,"context":288},1218,{"file":106,"line":298,"context":288},1450,{"file":300,"line":284,"context":288},"templates\\accounts.php",{"file":300,"line":89,"context":288},{"file":300,"line":216,"context":288},{"file":300,"line":304,"context":288},103,{"file":300,"line":306,"context":288},108,{"file":308,"line":309,"context":288},"templates\\crm-entry-box.php",12,{"file":308,"line":311,"context":288},21,{"file":308,"line":259,"context":288},{"file":314,"line":315,"context":288},"templates\\feed-account.php",258,{"file":314,"line":317,"context":288},266,{"file":314,"line":319,"context":288},267,{"file":314,"line":321,"context":288},286,{"file":314,"line":323,"context":288},343,{"file":314,"line":325,"context":288},385,{"file":314,"line":327,"context":288},397,{"file":314,"line":329,"context":288},423,{"file":331,"line":14,"context":288},"templates\\feed-object.php",{"file":333,"line":334,"context":288},"templates\\feeds.php",27,{"file":333,"line":334,"context":288},{"file":333,"line":107,"context":288},{"file":333,"line":304,"context":288},{"file":333,"line":232,"context":288},{"file":333,"line":340,"context":288},105,{"file":333,"line":342,"context":288},106,{"file":333,"line":344,"context":288},109,{"file":333,"line":346,"context":288},120,{"file":333,"line":348,"context":288},121,{"file":333,"line":350,"context":288},122,{"file":333,"line":352,"context":288},131,{"file":333,"line":354,"context":288},138,{"file":333,"line":356,"context":288},154,{"file":358,"line":359,"context":288},"templates\\fields-mapping.php",46,{"file":358,"line":158,"context":288},{"file":358,"line":158,"context":288},{"file":358,"line":166,"context":288},{"file":358,"line":166,"context":288},{"file":358,"line":182,"context":288},{"file":358,"line":182,"context":288},{"file":358,"line":194,"context":288},{"file":358,"line":194,"context":288},{"file":358,"line":27,"context":288},{"file":358,"line":235,"context":288},{"file":358,"line":344,"context":288},{"file":358,"line":372,"context":288},114,{"file":358,"line":374,"context":288},142,{"file":358,"line":376,"context":288},143,{"file":358,"line":378,"context":288},144,{"file":358,"line":380,"context":288},146,{"file":358,"line":382,"context":288},178,{"file":358,"line":384,"context":288},183,{"file":358,"line":386,"context":288},227,{"file":358,"line":388,"context":288},241,{"file":358,"line":390,"context":288},322,{"file":358,"line":392,"context":288},333,{"file":358,"line":90,"context":288},{"file":358,"line":395,"context":288},384,{"file":358,"line":397,"context":288},452,{"file":358,"line":399,"context":288},462,{"file":358,"line":401,"context":288},514,{"file":358,"line":279,"context":288},{"file":358,"line":404,"context":288},553,{"file":406,"line":224,"context":288},"templates\\log.php",{"file":408,"line":409,"context":288},"templates\\logs.php",204,{"file":408,"line":411,"context":288},213,{"file":408,"line":413,"context":288},240,{"file":408,"line":415,"context":288},248,{"file":408,"line":417,"context":288},260,{"file":408,"line":419,"context":288},271,{"file":408,"line":421,"context":288},296,{"file":408,"line":423,"context":288},314,{"file":408,"line":423,"context":288},{"file":408,"line":426,"context":288},427,{"file":408,"line":428,"context":288},430,{"file":408,"line":430,"context":288},471,{"file":408,"line":432,"context":288},476,{"file":434,"line":435,"context":288},"templates\\setting.php",31,{"file":434,"line":437,"context":288},45,{"file":439,"line":132,"context":288},"templates\\settings-table.php",{"file":439,"line":441,"context":288},51,{"file":439,"line":166,"context":288},{"file":239,"line":162,"context":288},{"file":239,"line":162,"context":288},{"file":239,"line":162,"context":288},{"file":239,"line":217,"context":288},{"file":239,"line":448,"context":288},159,{"file":239,"line":450,"context":288},160,2,17,23,[455],{"name":456,"version":39,"knownCves":457},"Select2",[],[459,478,486,497],{"entryPoint":460,"graph":461,"unsanitizedCount":29,"severity":477},"settings_page (includes\\plugin-pages.php:1458)",{"nodes":462,"edges":474},[463,468],{"id":464,"type":465,"label":466,"file":106,"line":467},"n0","source","$_POST",1496,{"id":469,"type":470,"label":471,"file":106,"line":472,"wp_function":473},"n1","sink","update_option() [Settings Manipulation]",1499,"update_option",[475],{"from":464,"to":469,"sanitized":476},true,"low",{"entryPoint":479,"graph":480,"unsanitizedCount":29,"severity":477},"\u003Cplugin-pages> (includes\\plugin-pages.php:0)",{"nodes":481,"edges":484},[482,483],{"id":464,"type":465,"label":466,"file":106,"line":467},{"id":469,"type":470,"label":471,"file":106,"line":472,"wp_function":473},[485],{"from":464,"to":469,"sanitized":476},{"entryPoint":487,"graph":488,"unsanitizedCount":29,"severity":477},"\u003Ccrm-entry-box> (templates\\crm-entry-box.php:0)",{"nodes":489,"edges":495},[490,492],{"id":464,"type":465,"label":491,"file":308,"line":240},"$_REQUEST['vx_debug']",{"id":469,"type":470,"label":493,"file":308,"line":240,"wp_function":494},"echo() [XSS]","echo",[496],{"from":464,"to":469,"sanitized":476},{"entryPoint":498,"graph":499,"unsanitizedCount":29,"severity":477},"\u003Clogs> (templates\\logs.php:0)",{"nodes":500,"edges":517},[501,504,505,509,511,515],{"id":464,"type":465,"label":502,"file":408,"line":503},"$_REQUEST['entry_id']",233,{"id":469,"type":470,"label":493,"file":408,"line":503,"wp_function":494},{"id":506,"type":465,"label":507,"file":408,"line":508},"n2","$_REQUEST['start_date']",276,{"id":510,"type":470,"label":493,"file":408,"line":508,"wp_function":494},"n3",{"id":512,"type":465,"label":513,"file":408,"line":514},"n4","$_REQUEST['end_date']",277,{"id":516,"type":470,"label":493,"file":408,"line":514,"wp_function":494},"n5",[518,519,520],{"from":464,"to":469,"sanitized":476},{"from":506,"to":510,"sanitized":476},{"from":512,"to":516,"sanitized":476},{"summary":522,"deductions":523},"The plugin 'integration-for-contact-form-7-and-pipedrive' version 1.2.5 exhibits a mixed security posture.  On one hand, the static analysis reveals a promising lack of direct entry points like AJAX handlers, REST API routes, and shortcodes that are unprotected by authentication. This suggests a relatively contained attack surface.  Furthermore, the presence of a good percentage of prepared statements for SQL queries and a decent rate of output escaping are positive indicators of secure coding practices. However, the vulnerability history is a significant concern. With three known CVEs, including a past critical vulnerability and two medium severity issues, the plugin has a track record of security flaws. The types of past vulnerabilities (Deserialization, CSRF, XSS) indicate potential for serious compromise if similar issues are present or reoccur.\n\nWhile the current static analysis shows no critical or high severity taint flows and a low number of file operations and external HTTP requests, the historical vulnerability data cannot be ignored. The past critical vulnerability and the presence of bundled libraries (Select2) which might be outdated or vulnerable warrant careful consideration.  The plugin shows efforts towards security with nonce and capability checks, but the persistent occurrence of security flaws in its history is a red flag.  The plugin's overall security is therefore tempered by its past performance, suggesting that users should remain vigilant and ensure they are always running the latest patched version, though currently there are no unpatched CVEs.",[524,527,529],{"reason":525,"points":526},"History of critical vulnerability",15,{"reason":528,"points":101},"History of medium vulnerabilities",{"reason":530,"points":28},"Bundled libraries (Select2)","2026-03-16T18:56:15.465Z",{"wat":533,"direct":542},{"assetPaths":534,"generatorPatterns":537,"scriptPaths":538,"versionParams":539},[535,536],"\u002Fwp-content\u002Fplugins\u002Fintegration-for-contact-form-7-and-pipedrive\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fintegration-for-contact-form-7-and-pipedrive\u002Fjs\u002Fpipedrive.js",[],[536],[540,541],"integration-for-contact-form-7-and-pipedrive\u002Fstyle.css?ver=","integration-for-contact-form-7-and-pipedrive\u002Fjs\u002Fpipedrive.js?ver=",{"cssClasses":543,"htmlComments":545,"htmlAttributes":547,"restEndpoints":549,"jsGlobals":550,"shortcodeOutput":552},[544],"crmperks-pro-upgrade-notice",[546],"plugin api",[548],"data-vxcf-pipedrive-options",[],[551],"vxcf_pipedrive_obj",[],{"error":476,"url":554,"statusCode":555,"statusMessage":556,"message":556},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fintegration-for-contact-form-7-and-pipedrive\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":309,"versions":558},[559,564,571,577,585,593,600,609,618,628,638,648],{"version":6,"download_url":26,"svn_tag_url":560,"released_at":39,"has_diff":51,"diff_files_changed":561,"diff_lines":39,"trac_diff_url":562,"vulnerabilities":563,"is_current":476},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.5&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.6",[],{"version":565,"download_url":566,"svn_tag_url":567,"released_at":39,"has_diff":51,"diff_files_changed":568,"diff_lines":39,"trac_diff_url":569,"vulnerabilities":570,"is_current":51},"1.2.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.4&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.5",[],{"version":41,"download_url":572,"svn_tag_url":573,"released_at":39,"has_diff":51,"diff_files_changed":574,"diff_lines":39,"trac_diff_url":575,"vulnerabilities":576,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.3&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.4",[],{"version":578,"download_url":579,"svn_tag_url":580,"released_at":39,"has_diff":51,"diff_files_changed":581,"diff_lines":39,"trac_diff_url":582,"vulnerabilities":583,"is_current":51},"1.2.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.2&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.3",[584],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":586,"download_url":587,"svn_tag_url":588,"released_at":39,"has_diff":51,"diff_files_changed":589,"diff_lines":39,"trac_diff_url":590,"vulnerabilities":591,"is_current":51},"1.2.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.1&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.2",[592],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":58,"download_url":594,"svn_tag_url":595,"released_at":39,"has_diff":51,"diff_files_changed":596,"diff_lines":39,"trac_diff_url":597,"vulnerabilities":598,"is_current":51},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.0&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.1",[599],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"version":601,"download_url":602,"svn_tag_url":603,"released_at":39,"has_diff":51,"diff_files_changed":604,"diff_lines":39,"trac_diff_url":605,"vulnerabilities":606,"is_current":51},"1.2.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.2.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.2.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.1.8&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.2.0",[607,608],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"version":610,"download_url":611,"svn_tag_url":612,"released_at":39,"has_diff":51,"diff_files_changed":613,"diff_lines":39,"trac_diff_url":614,"vulnerabilities":615,"is_current":51},"1.1.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.1.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.1.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.6&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.1.8",[616,617],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"version":619,"download_url":620,"svn_tag_url":621,"released_at":39,"has_diff":51,"diff_files_changed":622,"diff_lines":39,"trac_diff_url":623,"vulnerabilities":624,"is_current":51},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.5&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.6",[625,626,627],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"id":70,"url_slug":71,"title":72,"severity":59,"cvss_score":76,"vuln_type":78,"patched_in_version":75},{"version":629,"download_url":630,"svn_tag_url":631,"released_at":39,"has_diff":51,"diff_files_changed":632,"diff_lines":39,"trac_diff_url":633,"vulnerabilities":634,"is_current":51},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.2&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.5",[635,636,637],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"id":70,"url_slug":71,"title":72,"severity":59,"cvss_score":76,"vuln_type":78,"patched_in_version":75},{"version":639,"download_url":640,"svn_tag_url":641,"released_at":39,"has_diff":51,"diff_files_changed":642,"diff_lines":39,"trac_diff_url":643,"vulnerabilities":644,"is_current":51},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.0&new_path=%2Fintegration-for-contact-form-7-and-pipedrive%2Ftags%2F1.0.2",[645,646,647],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"id":70,"url_slug":71,"title":72,"severity":59,"cvss_score":76,"vuln_type":78,"patched_in_version":75},{"version":649,"download_url":650,"svn_tag_url":651,"released_at":39,"has_diff":51,"diff_files_changed":652,"diff_lines":39,"trac_diff_url":39,"vulnerabilities":653,"is_current":51},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fintegration-for-contact-form-7-and-pipedrive.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fintegration-for-contact-form-7-and-pipedrive\u002Ftags\u002F1.0.0\u002F",[],[654,655,656],{"id":35,"url_slug":36,"title":37,"severity":42,"cvss_score":43,"vuln_type":45,"patched_in_version":41},{"id":53,"url_slug":54,"title":55,"severity":59,"cvss_score":60,"vuln_type":62,"patched_in_version":58},{"id":70,"url_slug":71,"title":72,"severity":59,"cvss_score":76,"vuln_type":78,"patched_in_version":75}]