Does Contributors: tripgrass have any unpatched vulnerabilities?

No. All known vulnerabilities in Contributors: tripgrass have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Contributors: tripgrass compatible with WordPress 3.4.2?

According to WordPress.org data, Contributors: tripgrass 1.0 has been tested up to WordPress 3.4.2. Check the plugin's changelog for the latest compatibility information.

How often is Contributors: tripgrass updated?

Contributors: tripgrass was last updated on Apr 17, 2015. Frequent updates are generally a positive security signal.

What is Contributors: tripgrass's security score?

Contributors: tripgrass has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Contributors: tripgrass Security & Risk Analysis

wordpress.org/plugins/lead-to-clio

Lead-to-Clio integrates your Wordpress Blog with your Clio Account - automatically creating tasks and contacts for new leads.

10 active installs v1.0 PHP + WP 3.0.1+ Updated Apr 17, 2015

clioformlawlegal

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Contributors: tripgrass Safe to Use in 2026?

Generally Safe

Score 85/100

Contributors: tripgrass has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 10yr ago

Risk Assessment

The 'lead-to-clio' v1.0 plugin exhibits a generally strong security posture based on the provided static analysis. The absence of known vulnerabilities (CVEs) and zero recorded critical or high-severity issues in its history are positive indicators. The code analysis reveals no dangerous functions, no direct SQL queries (all prepared statements), no file operations, and no external HTTP requests. This suggests a developer mindful of common attack vectors.

However, there are notable areas of concern. The analysis indicates that 27% of output is not properly escaped, which could lead to cross-site scripting (XSS) vulnerabilities if the unescaped output contains user-supplied data. Furthermore, the taint analysis identified two flows with unsanitized paths, which, despite not being classified as critical or high severity in this specific analysis, represent potential pathways for exploitation if user input is not properly validated or sanitized before being used in sensitive operations. The complete lack of nonce checks and capability checks across all identified entry points (even though the attack surface is reported as zero) is a significant oversight, leaving any potential future additions to the attack surface exposed to common WordPress privilege escalation and CSRF attacks.

Key Concerns

Unescaped output detected
Taint flows with unsanitized paths
Missing nonce checks
Missing capability checks

Vulnerabilities

None known

Contributors: tripgrass Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Contributors: tripgrass Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

8 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

73% escaped11 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

settings_page (includes\class-lead-to-clio-settings.php:150)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Contributors: tripgrass Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 10

actionadmin_initincludes\class-lead-to-clio-settings.php:48

actionadmin_menuincludes\class-lead-to-clio-settings.php:51

actionwp_footerincludes\class-lead-to-clio.php:116

actionwp_enqueue_scriptsincludes\class-lead-to-clio.php:117

actionwp_enqueue_scriptsincludes\class-lead-to-clio.php:125

actionwp_enqueue_scriptsincludes\class-lead-to-clio.php:126

actionadmin_enqueue_scriptsincludes\class-lead-to-clio.php:129

actionadmin_enqueue_scriptsincludes\class-lead-to-clio.php:130

actioninitincludes\class-lead-to-clio.php:134

actionpost_updatedincludes\class-lead-to-clio.php:136

Maintenance & Trust

Contributors: tripgrass Maintenance & Trust

Maintenance Signals

WordPress version tested3.4.2

Last updatedApr 17, 2015

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Contributors: tripgrass Alternatives

Clio Grow Form

clio-grow-form

The Clio Grow Wordpress plugin enables law firms who use Clio Grow to automatically capture leads from their website or blog into the Clio Grow CRM.

1K 3 CVEs

OlalaWeb – Custom WP Login

olalaweb-custom-wp-login

Customize your WP login screen with your own logo (from your Media Library) and resize the form with a few clicks.

10 No CVEs

WP PLC Swissknife

wp-plc-swissknife

100

A simple and lightweight plugin to enhance performance, stability and security of wordpress

10 No CVEs

AttorneyConnect AI

attorneyconnect-ai

100

AttorneyConnect AI is the Most Advanced Conversational Website Receptionist Built for Small Law Firms.

0 No CVEs

Juridic-OS Connector

juridic-os-connector

El plugin oficial de Juridic-OS para integración de formularios de contacto con sistemas de gestión legal.

0 No CVEs

Developer Profile

Contributors: tripgrass Developer Profile

tripgrass

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Contributors: tripgrass

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lead-to-clio/assets/css/style.css/wp-content/plugins/lead-to-clio/assets/js/settings.js

Script Paths

/wp-content/plugins/lead-to-clio/assets/js/settings.js

Version Parameters

lead-to-clio/assets/css/style.css?ver=lead-to-clio/assets/js/settings.js?ver=

HTML / DOM Fingerprints

CSS Classes

lead-to-clio_settings

JS Globals

lead_to_clio_settings

FAQ