Does Integration of Zoho CRM and Contact Form 7 have any unpatched vulnerabilities?

Yes — Integration of Zoho CRM and Contact Form 7 currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Integration of Zoho CRM and Contact Form 7 compatible with WordPress 6.8.5?

According to WordPress.org data, Integration of Zoho CRM and Contact Form 7 1.0.7 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Integration of Zoho CRM and Contact Form 7 compatible with PHP 5.6+?

Integration of Zoho CRM and Contact Form 7 requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Integration of Zoho CRM and Contact Form 7 updated?

Integration of Zoho CRM and Contact Form 7 was last updated on Jun 18, 2025. Frequent updates are generally a positive security signal.

What is Integration of Zoho CRM and Contact Form 7's security score?

Integration of Zoho CRM and Contact Form 7 has a WP-Safety security score of 79/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Integration of Zoho CRM and Contact Form 7 Security & Risk Analysis

wordpress.org/plugins/integration-of-zoho-crm-and-contact-form-7

Visit plugin's website

400 active installs v1.0.7 PHP 5.6+ WP 5.0+ Updated Jun 18, 2025

cf7-and-zohocontact-form-7-with-zohozoho-and-cf7zoho-integrationzoho-with-contact-form-7

B · Generally Safe

CVEs total1

Unpatched1

Last CVEApr 1, 2025

Plugin page Download

Safety Verdict

Is Integration of Zoho CRM and Contact Form 7 Safe to Use in 2026?

Mostly Safe

Score 79/100

Integration of Zoho CRM and Contact Form 7 is generally safe to use. 1 past CVE were resolved. Keep it updated.

1 known CVE 1 unpatched Last CVE: Apr 1, 2025Updated 9mo ago

Risk Assessment

The plugin 'integration-of-zoho-crm-and-contact-form-7' version 1.0.7 exhibits a mixed security posture. On the positive side, the plugin demonstrates strong output escaping practices, with 100% of outputs being properly escaped, and it utilizes prepared statements for a significant portion of its SQL queries (77%). It also includes a reasonable number of nonce and capability checks, indicating some awareness of secure coding principles. However, there are significant concerns arising from the attack surface analysis. The plugin exposes a REST API route without any permission callback, making it a potential entry point for unauthorized actions. Furthermore, the plugin has a history of vulnerabilities, including a medium severity CVE that is currently unpatched. This suggests a pattern of potential security weaknesses that are not being consistently addressed, particularly the previously identified 'Open Redirect' vulnerability type.

Key Concerns

Unpatched CVE found
REST API route without permission callback

Vulnerabilities

Integration of Zoho CRM and Contact Form 7 Security Vulnerabilities

CVEs by Year

1 CVE in 2025 · unpatched

2025

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2025-31821medium · 6.1URL Redirection to Untrusted Site ('Open Redirect')

Integration of Zoho CRM and Contact Form 7 <= 1.0.6 - Open Redirect

Apr 1, 2025Unpatched

Code Analysis

Analyzed Mar 16, 2026

Integration of Zoho CRM and Contact Form 7 Code Analysis

Dangerous Functions

Raw SQL Queries

10 prepared

Unescaped Output

25 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

77% prepared13 total queries

Output Escaping

100% escaped25 total outputs

Attack Surface

1 unprotected

Integration of Zoho CRM and Contact Form 7 Attack Surface

Entry Points1

Unprotected1

REST API Routes 1

GET/wp-json/bitcf7zc/redirectincludes\Integration\Integrations.php:211

WordPress Hooks 13

actionadmin_menuincludes\Admin\Admin_Bar.php:16

actionadmin_enqueue_scriptsincludes\Admin\Admin_Bar.php:17

filterscript_loader_tagincludes\Admin\Admin_Bar.php:18

actionwpcf7_submitincludes\Admin\CF7\Hooks.php:16

filterwpcf7_form_hidden_fieldsincludes\Admin\CF7\Hooks.php:17

actionbitcf7zc_activationincludes\Core\Util\Activation.php:16

actionbitcf7zc_deactivationincludes\Core\Util\Deactivation.php:21

actionbitcf7zc_uninstallincludes\Core\Util\Uninstallation.php:20

actionrest_api_initincludes\Integration\Integrations.php:44

filterbitcf7zc_addRelatedListincludes\Integration\ZohoCRM\ZohoCRMHandler.php:339

actionplugins_loadedincludes\Plugin.php:39

actionadmin_noticesincludes\Plugin.php:48

actioninitincludes\Plugin.php:51

Maintenance & Trust

Integration of Zoho CRM and Contact Form 7 Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedJun 18, 2025

PHP min version5.6

Downloads6K

Community Trust

Rating0/100

Number of ratings0

Active installs400

Alternatives

Integration of Zoho CRM and Contact Form 7 Alternatives

Integration for Zoho Campaigns and CF7

integrations-for-zoho-campaigns-and-cf7

100

A simple integration tool to send Contact Form 7 submissions to Zoho Campaigns.

0 No CVEs

Integrations of Zoho CRM with Elementor form

integrations-of-zoho-crm-with-elementor-form

Visit plugin's website

300 1 unpatched

Integration of Zoho CRM and WPForms

integration-of-zoho-crm-and-wpforms

100

Visit plugin's website

100 No CVEs

Integrations of Zoho Campaigns with Elementor form

integrations-of-zoho-campaigns-with-elementor-form

100

Visit plugin's website

50 No CVEs

Catalyst Connect Zoho CRM Client Portal

catalyst-connect-client-portal

The plugin utilizes data directly from the Zoho CRM and allows the user to pick and choose which data is visible on your website.

10 2 CVEs

Developer Profile

Integration of Zoho CRM and Contact Form 7 Developer Profile

formsintegrations

9 plugins · 980 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Integration of Zoho CRM and Contact Form 7

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/integration-of-zoho-crm-and-contact-form-7/assets/index-1.0.7.js

Script Paths

/wp-content/plugins/integration-of-zoho-crm-and-contact-form-7/includes/loader.php

Version Parameters

integration-of-zoho-crm-and-contact-form-7/assets/index-1.0.7.js?ver=

HTML / DOM Fingerprints

JS Globals

window.bitcf7

REST Endpoints

/wp-json/bitcf7zc/redirect

FAQ

Integration of Zoho CRM and Contact Form 7 Security & Risk Analysis

Is Integration of Zoho CRM and Contact Form 7 Safe to Use in 2026?

Mostly Safe

Key Concerns

Integration of Zoho CRM and Contact Form 7 Security Vulnerabilities

CVEs by Year

Severity Breakdown

Integration of Zoho CRM and Contact Form 7 Code Analysis

SQL Query Safety

Output Escaping

Integration of Zoho CRM and Contact Form 7 Attack Surface

REST API Routes 1

Integration of Zoho CRM and Contact Form 7 Maintenance & Trust

Maintenance Signals

Community Trust

Integration of Zoho CRM and Contact Form 7 Alternatives

Integration for Zoho Campaigns and CF7

Integrations of Zoho CRM with Elementor form

Integration of Zoho CRM and WPForms

Integrations of Zoho Campaigns with Elementor form

Catalyst Connect Zoho CRM Client Portal

Integration of Zoho CRM and Contact Form 7 Developer Profile

How We Detect Integration of Zoho CRM and Contact Form 7

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Integration of Zoho CRM and Contact Form 7