[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fcsfu2P2IDzauNUM9MqKcmqwiTIau4DKp7WikTxBrknQ":3,"$fjMaeMkFtPCNYAP3mXubOcfENdnPWfUeM-6-0lJI_FU0":386,"$fb6qBukMddyDCbojIWwVNFDwhbOr0DpnYAiX_qRGySDE":390},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":21,"download_link":22,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":25,"discovery_status":26,"vulnerabilities":27,"developer":28,"crawl_stats":24,"alternatives":34,"analysis":67,"fingerprints":351},"isms-contact-form","iSMS Contact Form","1.1","mobiweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fmobiweb\u002F","\u003Cp>iSMS Contact Form will notify you with SMS when people fills up the contact form.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form can create multiple contact forms and customize the mail contents using simple markups. The forms are readily integrated with the mobile number field and simple to setup. You will be able to collect and view all the form data submitted from your website.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form WordPress plugin is free. Sign up an \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\u002Fregister.php\" rel=\"nofollow ugc\">iSMS account\u003C\u002Fa>, top up some \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\u002Fbuy_reload.php\" rel=\"nofollow ugc\">SMS credits\u003C\u002Fa> and you can start enjoy our SMS services with the customer list you have build.\u003C\u002Fp>\n\u003Ch4>PLUGIN FEATURES\u003C\u002Fh4>\n\u003Cp>iSMS WordPress contact form with built in mobile number field and store form data features. Form Captcha is readily integrated with contact form and You will have an option to Enable\u002FDisable visitor’s contact form message send to Admin’s mobile number.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form plugin has been tested with WordPress latest default theme ( versions at point of release ):\u003C\u002Fp>\n\u003Cp>*Twenty Twenty One\u003C\u002Fp>\n\u003Ch3>Manual installation for iSMS Contact Form Plugin\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload ‘isms-contact-form’ directory to the “\u002Fwp-content\u002Fplugins\u002F” directory e.g via FTP\u003C\u002Fli>\n\u003Cli>Activate the plugin through the “Plugins” menu in WordPress\u003C\u002Fli>\n\u003Cli>Enter username and password of valid \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\" rel=\"nofollow ugc\">iSMS account\u003C\u002Fa> in iSMS Settings page\u003C\u002Fli>\n\u003Cli>Enable or Disable SMS (visitor’s contact form message send to Admin’s mobile number.)\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Plugin Configurations\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to iSMS Contact and create your iSMS contact forms. A form sample will be provided at the point of creating new forms.\u003C\u002Fli>\n\u003Cli>Insert form tags into your contact form accordingly.\u003C\u002Fli>\n\u003Cli>Click Save Changes.\u003C\u002Fli>\n\u003Cli>Copy the form’s shortcode and paste it into your post, page, or text widget content.\u003C\u002Fli>\n\u003Cli>The contact form will be added to your WordPress website instantly.\u003C\u002Fli>\n\u003Cli>It is recommended that you install WP SMTP to ensure contact form email deliverability.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is Free Software, released and licensed under the GPL, version 2 (https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html).\u003Cbr \u002F>\nYou may use it free of charge for any purpose.\u003C\u002Fp>\n","Contact Form with mobile number field and store form data integration for your WordPress website.",0,944,"2021-05-21T09:18:00.000Z","5.7.15","5.2","5.6",[18,19,20],"customer-contact-builder","customer-enquiry-form","tags-contact-form","https:\u002F\u002Fwww.isms.com.my","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fisms-contact-form.zip",85,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":29,"total_installs":30,"avg_security_score":23,"avg_patch_time_days":31,"trust_score":32,"computed_at":33},3,10,30,84,"2026-05-20T01:13:00.399Z",[35,47],{"slug":36,"name":37,"version":6,"author":7,"author_profile":8,"description":38,"short_description":39,"active_installs":11,"downloaded":40,"rating":11,"num_ratings":11,"last_updated":41,"tested_up_to":14,"requires_at_least":42,"requires_php":16,"tags":43,"homepage":21,"download_link":45,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":46},"isms-contact-form-with-2-factor-authenticator","iSMS Contact Form with 2 Factor Authenticator","\u003Cp>iSMS WordPress Contact Form 2 Factor Authenticator can:\u003Cbr \u002F>\n1. Add contact form into your WordPress web site.\u003Cbr \u002F>\n2. Readily integrated with OTP\u002FTAC Code\u003Cbr \u002F>\n3. Ensure all messages or comments originates from true phone users.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form with 2 Factor Authenticator can create multiple contact forms with integrated SMS authenticator field. Contact forms can be customize to suit your mail contents requirement using simple markups. The forms are readily integrated with sms authenticator field (mobile number field) add on security function and simple to setup. You will be able to collect and view all the form data entries submitted from your website.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form with 2 Factor Authenticator WordPress plugin is free. Sign up an \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\u002Fregister.php\" rel=\"nofollow ugc\">iSMS account\u003C\u002Fa>, top up some \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\u002Fbuy_reload.php\" rel=\"nofollow ugc\">SMS credits\u003C\u002Fa> and you can start enjoy our SMS services with the customer list you have build.\u003C\u002Fp>\n\u003Ch4>PLUGIN FEATURES\u003C\u002Fh4>\n\u003Cp>WordPress contact form with built in SMS authenticator field (mobile number field) and store form data entries features.\u003C\u002Fp>\n\u003Cp>iSMS Contact Form with 2 Factor Authenticator plugin has been tested with WordPress latest default theme ( versions at point of release ):\u003C\u002Fp>\n\u003Cp>*Twenty Twenty\u003C\u002Fp>\n\u003Ch3>Manual installation for iSMS Contact Form Plugin\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Upload ‘isms-authform’ directory to the “\u002Fwp-content\u002Fplugins\u002F” directory e.g via FTP\u003C\u002Fli>\n\u003Cli>Activate the plugin through the “Plugins” menu in WordPress\u003C\u002Fli>\n\u003Cli>Enter username and password of valid \u003Ca href=\"https:\u002F\u002Fwww.isms.com.my\" rel=\"nofollow ugc\">iSMS account\u003C\u002Fa> in iSMS Settings page\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Plugin Configurations\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Go to iSMS Contact with Authenticator and create your iSMS contact forms. A form sample will be provided at the point of creating new forms.\u003C\u002Fli>\n\u003Cli>Insert form tags into your contact form accordingly.\u003C\u002Fli>\n\u003Cli>Click Save Changes.\u003C\u002Fli>\n\u003Cli>Copy the form’s shortcode and paste it into your post, page, or text widget content.\u003C\u002Fli>\n\u003Cli>The contact form (SMS Authenticator integration ready) will be added to your WordPress website instantly.\u003C\u002Fli>\n\u003Cli>It is recommended that you install WP SMTP to ensure contact form email deliverability.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>License\u003C\u002Fh3>\n\u003Cp>This plugin is Free Software, released and licensed under the GPL, version 2 (https:\u002F\u002Fwww.gnu.org\u002Flicenses\u002Fgpl-2.0.html).\u003Cbr \u002F>\nYou may use it free of charge for any purpose.\u003C\u002Fp>\n","iSMS Contact Form with 2 Factor Authenticator integration and store form's data entries for your WordPress website.",967,"2021-05-24T09:34:00.000Z","5.4",[18,19,44],"tags-contact-form-with-authenticator","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fisms-contact-form-with-2-factor-authenticator.zip","2026-04-16T10:56:18.058Z",{"slug":48,"name":49,"version":50,"author":51,"author_profile":52,"description":53,"short_description":54,"active_installs":55,"downloaded":56,"rating":11,"num_ratings":11,"last_updated":57,"tested_up_to":58,"requires_at_least":59,"requires_php":60,"tags":61,"homepage":60,"download_link":66,"security_score":23,"vuln_count":11,"unpatched_count":11,"last_vuln_date":24,"fetched_at":46},"contact-form-monster","Contact Form Monster","1.0.0","devfelixmoira","https:\u002F\u002Fprofiles.wordpress.org\u002Fdevfelixmoira\u002F","\u003Cp>Contact form plugin is a simple contact form builder tool, which allows the user to create and edit different contact forms.\u003C\u002Fp>\n\u003Cp>** Contact form – Fields: **\u003C\u002Fp>\n\u003Cul>\n\u003Cli>contact form text field\u003C\u002Fli>\n\u003Cli>contact form number field\u003C\u002Fli>\n\u003Cli>contact form text area field\u003C\u002Fli>\n\u003Cli>contact form Address field\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>** Contact form – Submit options: **\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Contact form from Email\u003C\u002Fli>\n\u003Cli>Contact form to Email\u003C\u002Fli>\n\u003Cli>Contact form Subject\u003C\u002Fli>\n\u003Cli>Contact form Message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you think that you have found a bug in \u003Cstrong>Contact form\u003C\u002Fstrong> plugin or have any questions, please feel free to contact us at dev.felixmoira@gmail.com.\u003C\u002Fp>\n","Contact form plugin is a simple contact form builder tool, which allows the user to create and edit different contact forms.",200,2412,"2021-01-22T17:00:00.000Z","5.6.17","3.8","",[62,63,64,65,20],"contact-forms","contact-us","form-builder","form-maker","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-monster.zip",{"attackSurface":68,"codeSignals":145,"taintFlows":259,"riskAssessment":332,"analyzedAt":350},{"hooks":69,"ajaxHandlers":107,"restRoutes":135,"shortcodes":136,"cronEvents":144,"entryPointCount":79,"unprotectedCount":30},[70,76,80,84,88,92,98,102],{"type":71,"name":72,"callback":73,"file":74,"line":75},"action","admin_menu","isms_contact_hook_to_menu","includes\\iSMSContact.php",11,{"type":71,"name":77,"callback":78,"file":74,"line":79},"admin_init","isms_contact_init",12,{"type":71,"name":81,"callback":82,"file":74,"line":83},"admin_enqueue_scripts","isms_contact_scripts_and_style",13,{"type":71,"name":85,"callback":86,"file":74,"line":87},"wp_enqueue_scripts","isms_contact_public_scripts_and_style",14,{"type":71,"name":89,"callback":90,"file":74,"line":91},"init","register_shortcodes",33,{"type":93,"name":94,"callback":95,"file":96,"line":97},"filter","mce_external_plugins","add_buttons","includes\\Plugin.php",214,{"type":93,"name":99,"callback":100,"file":96,"line":101},"mce_buttons","register_buttons",215,{"type":71,"name":103,"callback":104,"file":105,"line":106},"admin_footer","_js_vars","includes\\WPListTable.php",166,[108,113,116,119,121,124,126,128,130,133],{"action":109,"nopriv":110,"callback":111,"hasNonce":110,"hasCapCheck":110,"file":74,"line":112},"get_contact_list",false,"get_form_list",21,{"action":109,"nopriv":114,"callback":111,"hasNonce":110,"hasCapCheck":110,"file":74,"line":115},true,22,{"action":117,"nopriv":110,"callback":117,"hasNonce":110,"hasCapCheck":110,"file":74,"line":118},"get_mail_sent_list",24,{"action":117,"nopriv":114,"callback":117,"hasNonce":110,"hasCapCheck":110,"file":74,"line":120},25,{"action":122,"nopriv":110,"callback":122,"hasNonce":110,"hasCapCheck":110,"file":74,"line":123},"add_form",27,{"action":122,"nopriv":114,"callback":122,"hasNonce":110,"hasCapCheck":110,"file":74,"line":125},28,{"action":127,"nopriv":110,"callback":127,"hasNonce":110,"hasCapCheck":110,"file":74,"line":31},"update_form",{"action":127,"nopriv":114,"callback":127,"hasNonce":110,"hasCapCheck":110,"file":74,"line":129},31,{"action":131,"nopriv":110,"callback":131,"hasNonce":110,"hasCapCheck":110,"file":74,"line":132},"send_email",35,{"action":131,"nopriv":114,"callback":131,"hasNonce":110,"hasCapCheck":110,"file":74,"line":134},36,[],[137,140],{"tag":4,"callback":138,"file":74,"line":139},"isms_contact_form_function",212,{"tag":141,"callback":142,"file":74,"line":143},"isms-field","isms_field_function",213,[],{"dangerousFunctions":146,"sqlUsage":154,"outputEscaping":184,"fileOperations":253,"externalRequests":253,"nonceChecks":254,"capabilityChecks":11,"bundledLibraries":255},[147,151],{"fn":148,"file":96,"line":149,"context":150},"unserialize",642,"if (@unserialize($option) !== false) {",{"fn":148,"file":96,"line":152,"context":153},643,"return unserialize($option);",{"prepared":155,"raw":75,"locations":156},16,[157,161,163,166,170,172,174,177,179,180,182],{"file":158,"line":159,"context":160},"includes\\iSMSContactProcess.php",71,"$wpdb->get_results() with variable interpolation",{"file":158,"line":162,"context":160},76,{"file":158,"line":164,"context":165},81,"$wpdb->get_row() with variable interpolation",{"file":167,"line":168,"context":169},"includes\\iSMSContactTableList.php",143,"$wpdb->get_var() with variable interpolation",{"file":167,"line":171,"context":160},265,{"file":167,"line":173,"context":169},272,{"file":175,"line":87,"context":176},"uninstall.php","$wpdb->query() with variable interpolation",{"file":175,"line":178,"context":176},15,{"file":175,"line":155,"context":176},{"file":175,"line":181,"context":176},17,{"file":175,"line":183,"context":176},18,{"escaped":185,"rawEcho":186,"locations":187},102,32,[188,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219,221,223,225,227,229,231,233,235,237,239,241,243,245,247,249,251],{"file":189,"line":79,"context":190},"captchaImageSource.php","raw output",{"file":74,"line":192,"context":190},284,{"file":74,"line":194,"context":190},312,{"file":74,"line":196,"context":190},314,{"file":74,"line":198,"context":190},730,{"file":74,"line":200,"context":190},731,{"file":74,"line":202,"context":190},755,{"file":167,"line":204,"context":190},304,{"file":167,"line":206,"context":190},326,{"file":96,"line":208,"context":190},666,{"file":96,"line":210,"context":190},769,{"file":96,"line":212,"context":190},822,{"file":96,"line":214,"context":190},853,{"file":105,"line":216,"context":190},369,{"file":105,"line":218,"context":190},417,{"file":105,"line":220,"context":190},466,{"file":105,"line":222,"context":190},467,{"file":105,"line":224,"context":190},468,{"file":105,"line":226,"context":190},473,{"file":105,"line":228,"context":190},927,{"file":105,"line":230,"context":190},1177,{"file":105,"line":232,"context":190},1193,{"file":105,"line":234,"context":190},1203,{"file":105,"line":236,"context":190},1278,{"file":105,"line":238,"context":190},1347,{"file":105,"line":240,"context":190},1350,{"file":105,"line":242,"context":190},1358,{"file":105,"line":244,"context":190},1359,{"file":105,"line":246,"context":190},1360,{"file":105,"line":248,"context":190},1363,{"file":105,"line":250,"context":190},1364,{"file":105,"line":252,"context":190},1365,2,1,[256],{"name":257,"version":24,"knownCves":258},"jQuery",[],[260,299],{"entryPoint":261,"graph":262,"unsanitizedCount":297,"severity":298},"search_box (includes\\WPListTable.php:348)",{"nodes":263,"edges":292},[264,269,274,278,280,284,286,290],{"id":265,"type":266,"label":267,"file":105,"line":268},"n0","source","$_REQUEST['orderby']",356,{"id":270,"type":271,"label":272,"file":105,"line":268,"wp_function":273},"n1","sink","echo() [XSS]","echo",{"id":275,"type":266,"label":276,"file":105,"line":277},"n2","$_REQUEST['order']",359,{"id":279,"type":271,"label":272,"file":105,"line":277,"wp_function":273},"n3",{"id":281,"type":266,"label":282,"file":105,"line":283},"n4","$_REQUEST['post_mime_type']",362,{"id":285,"type":271,"label":272,"file":105,"line":283,"wp_function":273},"n5",{"id":287,"type":266,"label":288,"file":105,"line":289},"n6","$_REQUEST['detached']",365,{"id":291,"type":271,"label":272,"file":105,"line":289,"wp_function":273},"n7",[293,294,295,296],{"from":265,"to":270,"sanitized":110},{"from":275,"to":279,"sanitized":110},{"from":281,"to":285,"sanitized":110},{"from":287,"to":291,"sanitized":110},4,"medium",{"entryPoint":300,"graph":301,"unsanitizedCount":330,"severity":331},"\u003CWPListTable> (includes\\WPListTable.php:0)",{"nodes":302,"edges":323},[303,304,305,306,307,308,309,310,311,315,317,319],{"id":265,"type":266,"label":267,"file":105,"line":268},{"id":270,"type":271,"label":272,"file":105,"line":268,"wp_function":273},{"id":275,"type":266,"label":276,"file":105,"line":277},{"id":279,"type":271,"label":272,"file":105,"line":277,"wp_function":273},{"id":281,"type":266,"label":282,"file":105,"line":283},{"id":285,"type":271,"label":272,"file":105,"line":283,"wp_function":273},{"id":287,"type":266,"label":288,"file":105,"line":289},{"id":291,"type":271,"label":272,"file":105,"line":289,"wp_function":273},{"id":312,"type":266,"label":313,"file":105,"line":314},"n8","$_SERVER",1114,{"id":316,"type":271,"label":272,"file":105,"line":240,"wp_function":273},"n9",{"id":318,"type":266,"label":313,"file":105,"line":314},"n10",{"id":320,"type":271,"label":321,"file":105,"line":240,"wp_function":322},"n11","call_user_func() [RCE]","call_user_func",[324,325,326,327,328,329],{"from":265,"to":270,"sanitized":110},{"from":275,"to":279,"sanitized":110},{"from":281,"to":285,"sanitized":110},{"from":287,"to":291,"sanitized":110},{"from":312,"to":316,"sanitized":110},{"from":318,"to":320,"sanitized":110},6,"high",{"summary":333,"deductions":334},"The 'isms-contact-form' v1.1 plugin presents a significant security risk primarily due to its large unprotected attack surface.  With 10 out of 12 entry points lacking authentication checks, a substantial portion of the plugin's functionality is exposed to unauthenticated users.  The presence of two 'unserialize' functions, a known vector for remote code execution if data is not properly sanitized, is a critical concern, especially when combined with a high-severity taint flow identified. While the plugin's SQL query preparation and output escaping rates are reasonably good, these strengths are overshadowed by the fundamental security flaws in access control.\n\nThe plugin's vulnerability history is a notable strength, showing zero recorded CVEs. This could indicate diligent development practices in the past or simply a lack of targeted exploitation. However, the absence of historical vulnerabilities does not negate the present risks identified in the static analysis. The plugin's overall security posture is therefore concerning, as it exhibits critical vulnerabilities in its access control and data handling that could be exploited despite its clean CVE record. Further investigation into the specific 'unserialize' usage and the high-severity taint flow is strongly recommended.",[335,337,339,342,344,346,348],{"reason":336,"points":30},"Unprotected AJAX handlers",{"reason":338,"points":79},"High severity taint flow",{"reason":340,"points":341},"Dangerous function: unserialize",8,{"reason":343,"points":330},"SQL queries without prepared statements",{"reason":345,"points":29},"Output escaping below 80%",{"reason":347,"points":30},"No capability checks",{"reason":349,"points":341},"Flows with unsanitized paths","2026-03-17T07:08:52.993Z",{"wat":352,"direct":367},{"assetPaths":353,"generatorPatterns":359,"scriptPaths":360,"versionParams":361},[354,355,356,357,358],"\u002Fwp-content\u002Fplugins\u002Fisms-contact-form\u002Fincludes\u002Fjs\u002Fcustom.js","\u002Fwp-content\u002Fplugins\u002Fisms-contact-form\u002Fincludes\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fisms-contact-form\u002Fincludes\u002Fcss\u002Fbootstrap.min.css","\u002Fwp-content\u002Fplugins\u002Fisms-contact-form\u002Fincludes\u002Fcss\u002Fresponsive.css","\u002Fwp-content\u002Fplugins\u002Fisms-contact-form\u002Fincludes\u002Fjs\u002Fbootstrap.min.js",[],[354,358],[362,363,364,365,366],"isms-contact-form\u002Fincludes\u002Fjs\u002Fcustom.js?ver=","isms-contact-form\u002Fincludes\u002Fcss\u002Fstyle.css?ver=","isms-contact-form\u002Fincludes\u002Fcss\u002Fbootstrap.min.css?ver=","isms-contact-form\u002Fincludes\u002Fcss\u002Fresponsive.css?ver=","isms-contact-form\u002Fincludes\u002Fjs\u002Fbootstrap.min.js?ver=",{"cssClasses":368,"htmlComments":370,"htmlAttributes":371,"restEndpoints":380,"jsGlobals":382,"shortcodeOutput":384},[369],"isms-contact-form-wrapper",[],[372,373,374,375,376,377,378,379],"data-form-id","data-mail-to","data-mail-from","data-mail-subject","data-mail-header","data-mail-body","data-html-format","data-added-fields",[381],"\u002Fwp-json\u002Fisms-contact-form\u002Fv1\u002Fsend-email",[383],"isms_contact_ajax_object",[385],"[isms_contact_form]",{"error":114,"url":387,"statusCode":388,"statusMessage":389,"message":389},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fisms-contact-form\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":11,"versions":391},[]]