[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fPTbcXybwRFAiTuhD6JVixQh6CzRI9aJ4XB1xZlZV1bc":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":49,"crawl_stats":38,"alternatives":56,"analysis":161,"fingerprints":637},"lenix-elementor-leads-addon","Lenix Leads Collector","2.0.0","yonifre","https:\u002F\u002Fprofiles.wordpress.org\u002Fyonifre\u002F","\u003Cp>Lenix Leads Collector is a powerful plugin that stores and manages leads from your Elementor,Cf7,WPForms and more with export to CSV.\u003C\u002Fp>\n\u003Cp>Key Features:\u003Cbr \u002F>\n* Automatic capture of all Elementor form submissions\u003Cbr \u002F>\n* Automatic capture of all Hello Plus form submissions\u003Cbr \u002F>\n* Automatic capture of all Cf7 form submissions\u003Cbr \u002F>\n* Automatic capture of all WPForms form submissions\u003Cbr \u002F>\n* Centralized management interface in WordPress admin panel\u003Cbr \u002F>\n* Quick and easy export of leads to CSV format\u003Cbr \u002F>\n* Support for global forms\u003Cbr \u002F>\n* Multi-language support (including English, Hebrew, French and more)\u003Cbr \u002F>\n* User-friendly and intuitive interface\u003Cbr \u002F>\n* Date-based filtering for exports\u003Cbr \u002F>\n* Secure data handling\u003Cbr \u002F>\n* Each lead is a post in WordPress, so you can use all the features of WordPress to manage them\u003C\u002Fp>\n\u003Cp>No need to install any other plugin, just install and use, no configuration needed.\u003C\u002Fp>\n\u003Cp>The plugin provides a seamless way to track, manage, and export all leads received through your forms, organizing them similarly to WordPress posts for easy access and management.\u003C\u002Fp>\n\u003Cp>Perfect for Websites and organizations looking to efficiently manage their form submissions and lead data in one central location.\u003C\u002Fp>\n\u003Ch4>Maspik – Spam Protection\u003C\u002Fh4>\n\u003Cp>For improved spam protection, check out our sister plugin \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-forms-anti-spam\u002F\" rel=\"ugc\">Maspik\u003C\u002Fa>\u003Cbr \u002F>\nWe provide built-in spam protection and filtering. For enhanced spam prevention, we recommend using Maspik – an advanced anti-spam solution specifically designed for WordPress forms.\u003C\u002Fp>\n\u003Cp>With a 95%+ success rate, Maspik uses smart technology to block spam submissions while ensuring legitimate leads get through.\u003Cbr \u002F>\nThe plugin works instantly with no CAPTCHA required and includes features like smart blacklist system, IP blocking, and phone number validation.\u003C\u002Fp>\n\u003Cp>Compatible with all major form plugins including Elementor forms, you can set it up in just 2 minutes. \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcontact-forms-anti-spam\u002F\" rel=\"ugc\">Learn more about Maspik\u003C\u002Fa>\u003C\u002Fp>\n","Leads Collector, Collects forms entries from Elementor,Cf7,WPForms and more with export to CSV.",10000,182611,88,25,"2025-06-12T06:39:00.000Z","6.8.5","5.0","7.0",[20,21,22,23,24],"contact-form-db","crm","form-collector","hello-plus","leads","https:\u002F\u002Flenix.co.il\u002Fplugin\u002Flenix-elementor-leads-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flenix-elementor-leads-addon.2.0.0.zip",98,1,0,"2025-02-19 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-1039","lenix-elementor-leads-addon-unauthenticated-stored-cross-site-scripting-via-url-form-field","Lenix Elementor Leads addon \u003C= 1.8.2 - Unauthenticated Stored Cross-Site Scripting via URL Form Field","The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a URL form field in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.8.2","1.8.3","high",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-02-20 12:41:34",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F29f835c8-769a-47c0-832f-622860b1c59c?source=api-prod",2,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":50,"total_installs":51,"avg_security_score":52,"avg_patch_time_days":53,"trust_score":54,"computed_at":55},6,41410,83,85,76,"2026-04-04T14:00:22.379Z",[57,78,100,120,142],{"slug":58,"name":59,"version":60,"author":58,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":69,"requires_at_least":17,"requires_php":70,"tags":71,"homepage":75,"download_link":76,"security_score":52,"vuln_count":28,"unpatched_count":29,"last_vuln_date":77,"fetched_at":31},"leadsnap","LeadSnap","1.25","https:\u002F\u002Fprofiles.wordpress.org\u002Fleadsnap\u002F","\u003Cp>This is the official plugin for LeadSnap. This plugin creates the connection between WordPress and your LeadSnap account. Form submissions are instantly available and ready to  leverage all the powerful features of our lead management system within the LeadSnap system. For more information on features, plans and more check out \u003Ca href=\"https:\u002F\u002Fwww.leadsnap.com\u002F\" rel=\"nofollow ugc\">leadsnap.com\u003C\u002Fa>.\u003C\u002Fp>\n","Save the leads to our lead management system CRM generated by Contact Form 7",1000,6418,100,4,"2023-03-09T09:56:00.000Z","6.1.10","5.2.4",[72,73,21,24,74],"cf7","contact-form","management","https:\u002F\u002Fwww.leadsnap.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fleadsnap.1.25.zip","2023-03-10 00:00:00",{"slug":79,"name":80,"version":81,"author":82,"author_profile":83,"description":84,"short_description":85,"active_installs":66,"downloaded":86,"rating":87,"num_ratings":88,"last_updated":89,"tested_up_to":90,"requires_at_least":91,"requires_php":92,"tags":93,"homepage":96,"download_link":97,"security_score":98,"vuln_count":88,"unpatched_count":29,"last_vuln_date":99,"fetched_at":31},"crm-customer-relationship-management-by-vcita","CRM and Lead Management by vcita","2.8.1","vcita","https:\u002F\u002Fprofiles.wordpress.org\u002Fvcita\u002F","\u003Cp>CRM & Leads for WordPress is the ultimate way to manage leads and customer relationships. It’s a powerful CRM that lets you do a lot more than capturing and storing customers data.\u003C\u002Fp>\n\u003Cp>CRM by vcita works for you, and brings more business your way. The CRM plugin will:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Generate new sales opportunities\u003C\u002Fli>\n\u003Cli>Provide insights about new leads \u003C\u002Fli>\n\u003Cli>Save time with automated client communications, notifications and reminders.\u003C\u002Fli>\n\u003Cli>Help you search, tracks and manage leads and clients.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Together with vcita Client Portal, vcita CRM helps optimizing your WordPress websites and encourage visitors to take action on your site: send a message, schedule an appointment, upload documents and pay for services, any time, using any device.\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FwFGA823q-EY?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Cp>Quickly view, manage and reply to customers on-the-go with the \u003Cstrong>vcita Mobile CRM App for \u003Ca href=\"https:\u002F\u002Fitunes.apple.com\u002Fapp\u002Fvcita-mobile-crm\u002Fid1025423769?mt=8\" rel=\"nofollow ugc\">iPhone\u003C\u002Fa> or \u003Ca href=\"https:\u002F\u002Fplay.google.com\u002Fstore\u002Fapps\u002Fdetails?id=com.vcita.mobileapp\" rel=\"nofollow ugc\">Android\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>The vcita CRM & Lead Management plugin connects to your vcita account. You may create a vcita account directly from the plugin, with a 14-day FREE TRIAL.\u003C\u002Fp>\n\u003Ch4>vcita CRM & Lead Management main functionalities:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Lead Capturing & Management CRM\u003C\u002Fstrong> –  vcita CRM & Leads makes your website work for you. It encourages visitors to contact and can double the number of new sales opportunities you get through your site. Every contact submitted on your WordPress website is captured by the vcita CRM, and is automatically available in one simple dashboard to quickly qualify and follow-up. \u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Management\u003C\u002Fstrong> – The CRM lets you easily organize, search and edit client information and social data, mark for follow-up, request payment or scheduler appointments.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client Portal\u003C\u002Fstrong> – A secure 24\u002F7 client portal offering account updates, payment status, document requests and messages. Clients can communicate at their convenience and even set additional appointments, make payments and upload documents.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Online Calendar\u003C\u002Fstrong> – Manage your business calendar, invite leads and clients for meetings and offer them to schedule appointments right on your site –  based on your up to date availability.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invoicing Templates and Online Payment Collect\u003C\u002Fstrong> – vcita CRM lets you create professional invoices including your logo and details. Your clients can pay for your services online, using any credit card or PayPal.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email ans SMS marketing\u003C\u002Fstrong> – promote your services and events with targeted email and SMS campaigns to clients. Craft beautiful, mobile-friendly emails in minutes and track results and client actions in real time.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cp>CRM & Lead Management Plugin for WordPress by vcita is fully translated to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Spanish\u003C\u002Fli>\n\u003Cli>French\u003C\u002Fli>\n\u003Cli>Russian\u003C\u002Fli>\n\u003Cli>Portuguese\u003C\u002Fli>\n\u003Cli>German\u003C\u002Fli>\n\u003Cli>Polish\u003C\u002Fli>\n\u003Cli>Italian\u003C\u002Fli>\n\u003Cli>Dutch\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Don’t see your language here? You can manually change the contact form labels, buttons and other texts to show in your language!\u003Cbr \u002F>\n\u003C\u002Fp>\n\u003Ch4>More of the CRM & Lead Management plugin key features:\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Import all existing contacts from Google, Outlook or Excel to vcita CRM in seconds.\u003C\u002Fli>\n\u003Cli>Export all leads and contact to CSV.\u003C\u002Fli>\n\u003Cli>Generate more leads from your WordPress site.\u003C\u002Fli>\n\u003Cli>Add unlimited number of custom fields on every client record on your CRM.\u003C\u002Fli>\n\u003Cli>View complete client communication history on your CRM\u003C\u002Fli>\n\u003Cli>Share and\u002For request documents right from your CRM.\u003C\u002Fli>\n\u003Cli>Send customized invoices and get paid faster with \u003Ca href=\"https:\u002F\u002Fwww.vcita.com\u002Fsoftware\u002Finvoicing?invite=WP-v-CRM&O=WP-CRM\" rel=\"nofollow ugc\">online payments\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Offer Self-service \u003Ca href=\"https:\u002F\u002Fwww.vcita.com\u002Fsoftware\u002Fonline_scheduling?invite=WP-v-CRM&O=WP-CRM\" rel=\"nofollow ugc\">appointment scheduling\u003C\u002Fa> for your clients and get more appointments in less time.\u003C\u002Fli>\n\u003Cli>vcita CRM will send email and mobile notifications of contact requests, or when a client needs attention or a follow-up. You can respond using any device, anywhere.\u003C\u002Fli>\n\u003Cli>Share files as part of your conversation with existing clients, and track client files on your CRM.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What Our Clients Say:\u003C\u002Fh4>\n\u003Cp>\u003Cem>“I have been trying vcita and experienced the benefit immediately. It is so user friendly, both for me and my clients. I tore my hair out with another CRM for months and had some frustrated clients. This time, scheduling was easy and so was payment — what a relief!! Yes, clients were almost happy to pay me because it was so easy!\u003C\u002Fem>” Margie Gordillo, Get Real Professional Coaching\u003C\u002Fp>\n\u003Cp>\u003Cem>“The more I use vcita the more valuable I realize it is. I would recommend using this invaluable tool for all businesses whether just starting out as I was or going through growth and in need of client management system.”\u003C\u002Fem> Winston C. Trumpet\u003C\u002Fp>\n\u003Cp>\u003Cem>“ShopKeep is growing fast and vcita is able to easily scales with our growth. vcita is easy to use, client-centric and it looks great on mobile—which makes ShopKeep look good. And, vcita goes the extra mile to ensure the software is easy, comfortable and right the first time. It’s been key to our success in sales.”\u003C\u002Fem> Don Bernard, ShopKeep \u003C\u002Fp>\n\u003Cp>\u003Cem>“vcita is a great solution for us as it is easy to use, saves time and most of all, it works. vcita customer support is always there if we have a question.”\u003C\u002Fem> Al Nazarelli, CEO of Silicon Valley Research Group\u003C\u002Fp>\n\u003Cp>Learn more about our \u003Ca href=\"https:\u002F\u002Fwww.vcita.com\u002Fsoftware\u002Fcrm_contact_management?invite=WP-v-CRM&O=WP-CRM\" rel=\"nofollow ugc\">Contact Management Software\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Building WordPress sites for others?\u003C\u002Fh4>\n\u003Cp>Use vcita LiveSite on any WordPress website you build and manage all vcita plugins from one dashboard. \u003Cbr \u002F> Visit \u003Ca href=\"https:\u002F\u002Fwww.vcita.com?invite=WP\" rel=\"nofollow ugc\">www.vcita.com\u003C\u002Fa> for additional information.\u003C\u002Fp>\n","CRM for WordPress: a powerful, all-in-one client management tool that will help you keep your clients close and create long-lasting customer relations &hellip;",42950,72,5,"2025-07-23T06:01:00.000Z","6.7.5","4.6","",[94,21,95,24,74],"contact","database","https:\u002F\u002Fwww.vcita.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcrm-customer-relationship-management-by-vcita.2.8.1.zip",96,"2025-07-21 11:35:18",{"slug":101,"name":102,"version":103,"author":104,"author_profile":105,"description":106,"short_description":107,"active_installs":66,"downloaded":108,"rating":66,"num_ratings":28,"last_updated":109,"tested_up_to":110,"requires_at_least":111,"requires_php":92,"tags":112,"homepage":117,"download_link":118,"security_score":66,"vuln_count":28,"unpatched_count":29,"last_vuln_date":119,"fetched_at":31},"wiseagentleadform","Wise Agent Lead Forms","3.3.2","wiseagentwp","https:\u002F\u002Fprofiles.wordpress.org\u002Fwiseagentwp\u002F","\u003Cp>Wise Agent is a powerful real estate CRM platform combining contact management, lead automation, transaction management, and real estate marketing all in one software. Our WordPress plugin lets you easily add capture forms to any page on your WordPress site, funneling leads into your Wise Agent account and automating lead management according to your specified rules. Streamline your lead generation process and maximize your productivity with Wise Agent.\u003C\u002Fp>\n\u003Ch3>Features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\n\u003Cp>Capture Form Integration: Add capture forms to any page and effortlessly direct leads into your Wise Agent account.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Lead Funneling: Funnel leads into your Wise Agent account, ensuring centralized lead management.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Lead Rule Automation: Automate lead management by setting up rules within Wise Agent to trigger personalized marketing content to new leads instantly, based on predefined criteria.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Elementor Integration: Seamlessly integrate Wise Agent with Elementor to add capture forms to your Elementor pages.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Content Management: Customized post types and meta fields for events and testimonials.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>For any support or inquiries, please contact us at support@wiseagent.com or visit our website at www.wiseagent.com. We’ll be glad to assist you!\u003C\u002Fp>\n","Short Description: The Wise Agent WordPress plugin lets you easily add capture forms to any page on your WordPress site.",5798,"2026-03-04T22:14:00.000Z","6.9.4","5.2",[113,21,114,115,116],"capture-leads","lead-capture-forms","real-estate-tools","wise-agent","http:\u002F\u002Fwww.wiseagent.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwiseagentleadform.zip","2021-09-09 00:00:00",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":66,"num_ratings":130,"last_updated":131,"tested_up_to":110,"requires_at_least":132,"requires_php":92,"tags":133,"homepage":137,"download_link":138,"security_score":139,"vuln_count":140,"unpatched_count":29,"last_vuln_date":141,"fetched_at":31},"sprout-clients","Sprout Clients – CRM and Lead Management","3.2.3","BoldGrid","https:\u002F\u002Fprofiles.wordpress.org\u002Fboldgrid\u002F","\u003Cblockquote>\n\u003Cp>\u003Cstrong>Sprout Apps Family\u003C\u002Fstrong>\u003Cbr \u002F>\n  Sprout Clients is a standalone Lead Management plugin and is complimentary to \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsprout-invoices\u002F\" rel=\"ugc\">Sprout Invoices\u003C\u002Fa>, another free business centric plugin from \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002F?utm_medium=link&utm_campaign=free&utm_source=wordpress.org\" rel=\"nofollow ugc\">Sprout Apps\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Sprout Clients – Premium WordPress CRM & Lead Management Plugin\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>The future of \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002Fsprout-clients\u002F?utm_medium=link&utm_campaign=free&utm_source=wordpress.org\" rel=\"nofollow ugc\">Sprout Clients\u003C\u002Fa> relies on happy customers supporting Sprout Invoices by purchasing upgraded versions. If you like this free version of Sprout Clients please consider \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002Fsprout-clients\u002F?utm_medium=link&utm_campaign=free&utm_source=wordpress.org\" rel=\"nofollow ugc\">purchasing an upgrade\u003C\u002Fa>.\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Create Leads, Sprout Clients\u003C\u002Fh4>\n\u003Cp>Properly leveraging your contact lists isn’t sending out a single email to the entire list asking for work — instead you need to build business relationships. Managing contacts and customers shouldn’t be a burden, and  Sprout Clients wants to make the that entire process easier and less time consuming.\u003C\u002Fp>\n\u003Ch4>Scheduled Messaging\u003C\u002Fh4>\n\u003Cp>Write to your leads\u002Fclients now and have them delivered later. Meet someone new and want to follow-up in a couple weeks, now there’s no forgetting. Version 2.0\u003C\u002Fp>\n\u003Ch4>Engagements\u003C\u002Fh4>\n\u003Cp>Sometimes you meet your clients or create specific engagements. Sprout Clients wants to tie those engagements to your clients for reference and automation. Version 2.0\u003C\u002Fp>\n\u003Ch4>Relationship Building\u003C\u002Fh4>\n\u003Cp>The premise of “managing” your contacts is to build relationships. Sprout Clients wants to make the process of building those relationships easier and less time consuming.\u003C\u002Fp>\n\u003Ch4>Sprout App Integrations with Sprout Invoices\u003C\u002Fh4>\n\u003Cp>Regardless of this being a standalone app the integration compliments Sprout Invoices very well. Future integrations with Help Scout Desk, and more are planned.\u003C\u002Fp>\n\u003Ch4>Built the WordPress Way\u003C\u002Fh4>\n\u003Cp>Plenty of filters and actions allow you to hook into Sprout Clients and alter whatever you’d like or build some awesome features beyond what we have planed for the future.\u003C\u002Fp>\n\u003Ch4>Awesome Support\u003C\u002Fh4>\n\u003Cp>The results of our happiness report show people love our support, check it out on the Sprout Invoices page — we strive for happy!\u003C\u002Fp>\n\u003Cp>Make sure to review the \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002Fsprout-clients\u002F?utm_medium=link&utm_campaign=free&utm_source=wordpress.org\" rel=\"nofollow ugc\">Sprout Clients\u003C\u002Fa> features page for more detailed information. As well as the full featured \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002Fdemo\u002Fplayground\" rel=\"nofollow ugc\">demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>Support\u003C\u002Fh3>\n\u003Cp>Priority support is provided with an \u003Ca href=\"https:\u002F\u002Fsproutinvoices.com\u002Fsprout-clients\u002F?utm_medium=link&utm_campaign=free&utm_source=wordpress.org\" rel=\"nofollow ugc\">upgraded version\u003C\u002Fa>. All free support will provided in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fsprout-clients\" rel=\"ugc\">forums\u003C\u002Fa>.\u003C\u002Fp>\n","Properly leveraging your contact lists isn’t sending out a single email to the entire list asking for work — instead you need to build business relati &hellip;",70,9678,7,"2026-02-17T16:44:00.000Z","5.5",[134,21,135,136,24],"client-management","emailing","invoicing","https:\u002F\u002Fsproutinvoices.com\u002Fsprout-clients\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsprout-clients.3.2.3.zip",95,3,"2025-10-23 00:00:00",{"slug":143,"name":144,"version":145,"author":146,"author_profile":147,"description":148,"short_description":149,"active_installs":150,"downloaded":151,"rating":29,"num_ratings":29,"last_updated":152,"tested_up_to":153,"requires_at_least":154,"requires_php":92,"tags":155,"homepage":159,"download_link":160,"security_score":53,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"helloleads-cf7-form","HelloLeads CF7 Form","1.0","Helloleads CRM","https:\u002F\u002Fprofiles.wordpress.org\u002Fhelloleads\u002F","\u003Cp>This Plugin provide functionality for connecting the HelloLeads CRM. You can directly create your lead into HelloLeads CRM via submitting the CF7 form from your website.\u003C\u002Fp>\n\u003Ch3>3rd Party HelloLeads\u003C\u002Fh3>\n\u003Cp>This plugin is used for sending your contact form data to HelloLeads CRM. All you need to create an account on HelloLeads and you will get all the credentials that this plugin is need to communucate with HelloLeads CRM API. You are requested to please visit the below URL for privacy policy and data security.\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fwww.helloleads.io\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fwww.helloleads.io\u002Fterms\u002F\u003C\u002Fp>\n\u003Cp>https:\u002F\u002Fwww.helloleads.io\u002Fsecurity\u002F\u003C\u002Fp>\n","This Plugin provide functionality for connecting the HelloLeads CRM. You can directly create your lead into HelloLeads CRM via submitting the CF7 form &hellip;",30,1622,"2022-11-11T06:13:00.000Z","6.0.11","4.7",[156,21,157,158],"coontact-form-7","helloleads","lead-generation","https:\u002F\u002Fwww.helloleads.io\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fhelloleads-cf7-form.1.0.zip",{"attackSurface":162,"codeSignals":373,"taintFlows":499,"riskAssessment":624,"analyzedAt":636},{"hooks":163,"ajaxHandlers":346,"restRoutes":370,"shortcodes":371,"cronEvents":372,"entryPointCount":50,"unprotectedCount":29},[164,171,177,182,187,191,195,198,202,206,210,214,218,221,225,229,233,237,241,246,249,253,257,260,264,267,271,274,277,280,284,287,291,293,296,299,302,305,308,313,316,320,321,325,329,331,334,338,341],{"type":165,"name":166,"callback":167,"priority":168,"file":169,"line":170},"action","plugins_loaded","lenix_elementor_leads_load_integrations",20,"elementor-leads.php",50,{"type":172,"name":173,"callback":174,"priority":175,"file":169,"line":176},"filter","plugin_row_meta","lenix_plugin_row_meta",10,53,{"type":165,"name":178,"callback":179,"file":180,"line":181},"wpcf7_mail_sent","handle_cf7_submission","inc\\cf7-integration.php",103,{"type":165,"name":183,"callback":184,"file":185,"line":186},"init","init_permissions","inc\\class-lenix-custom-fields.php",19,{"type":165,"name":188,"callback":189,"file":185,"line":190},"lenix_after_lead_save","save_lead_custom_fields",22,{"type":165,"name":192,"callback":193,"file":185,"line":194},"add_meta_boxes","add_custom_fields_meta_box",23,{"type":165,"name":192,"callback":196,"file":185,"line":197},"add_lead_source_meta_box",24,{"type":165,"name":199,"callback":200,"file":185,"line":201},"elementor_leads_general_settings","render_lead_tracking_settings",27,{"type":165,"name":203,"callback":204,"file":185,"line":205},"admin_init","register_lead_tracking_settings",28,{"type":165,"name":207,"callback":208,"file":185,"line":209},"wp_footer","add_tracking_code",31,{"type":165,"name":211,"callback":212,"file":185,"line":213},"admin_notices","display_admin_notices",34,{"type":165,"name":215,"callback":216,"file":185,"line":217},"admin_enqueue_scripts","enqueue_admin_scripts",48,{"type":165,"name":219,"callback":189,"priority":175,"file":185,"line":220},"save_post_elementor_lead",52,{"type":172,"name":222,"callback":223,"file":185,"line":224},"manage_elementor_lead_posts_columns","add_custom_columns",56,{"type":165,"name":226,"callback":227,"priority":175,"file":185,"line":228},"manage_elementor_lead_posts_custom_column","render_custom_column",57,{"type":165,"name":230,"callback":231,"file":185,"line":232},"restrict_manage_posts","add_custom_filters",58,{"type":172,"name":234,"callback":235,"file":185,"line":236},"parse_query","filter_leads_by_custom_fields",59,{"type":172,"name":238,"callback":239,"file":185,"line":240},"redirect_post_location","closure",378,{"type":172,"name":242,"callback":243,"file":244,"line":245},"months_dropdown_results","__return_empty_array","inc\\class-lenix-elementor-forms.php",562,{"type":165,"name":192,"callback":247,"file":244,"line":248},"elementor_leads_meta_box_add",840,{"type":172,"name":250,"callback":251,"file":244,"line":252},"manage_posts_columns","elementor_leads_columns_head",841,{"type":165,"name":254,"callback":255,"priority":175,"file":244,"line":256},"manage_posts_custom_column","elementor_leads_columns_content",842,{"type":172,"name":258,"callback":243,"file":244,"line":259},"views_edit-elementor_lead",843,{"type":165,"name":261,"callback":262,"file":244,"line":263},"admin_head","remove_date_drop",845,{"type":165,"name":183,"callback":265,"file":244,"line":266},"export_elementor_leads_to_csv",846,{"type":165,"name":268,"callback":269,"file":244,"line":270},"pre_get_posts","filter_form_leads",847,{"type":165,"name":192,"callback":272,"file":273,"line":130},"add_response_meta_box","inc\\class-lenix-lead-response.php",{"type":165,"name":215,"callback":275,"priority":168,"file":273,"line":276},"enqueue_response_scripts",8,{"type":165,"name":278,"callback":279,"file":273,"line":175},"admin_post_lenix_submit_response","handle_response_submission",{"type":165,"name":281,"callback":282,"file":283,"line":130},"lead_status_add_form_fields","add_status_color_field","inc\\class-lenix-lead-status.php",{"type":165,"name":285,"callback":286,"file":283,"line":276},"lead_status_edit_form_fields","edit_status_color_field",{"type":165,"name":288,"callback":289,"file":283,"line":290},"created_lead_status","save_status_color",9,{"type":165,"name":292,"callback":289,"file":283,"line":175},"edited_lead_status",{"type":165,"name":215,"callback":294,"file":283,"line":295},"enqueue_color_picker",11,{"type":165,"name":222,"callback":297,"file":283,"line":298},"add_status_column",12,{"type":165,"name":226,"callback":300,"priority":175,"file":283,"line":301},"render_status_column",13,{"type":165,"name":211,"callback":303,"file":283,"line":304},"add_status_management_link",15,{"type":165,"name":215,"callback":306,"file":283,"line":307},"enqueue_scripts",16,{"type":165,"name":309,"callback":310,"priority":175,"file":311,"line":312},"elementor_pro\u002Fforms\u002Fnew_record","store_submit_form","inc\\elementor-api.php",51,{"type":165,"name":314,"callback":315,"priority":175,"file":311,"line":220},"hello_plus\u002Fforms\u002Fprocess","store_submit_form_hello",{"type":165,"name":317,"callback":318,"file":319,"line":170},"admin_footer","lenix_elementor_leads_css_to_footer","inc\\functions.php",{"type":165,"name":207,"callback":318,"file":319,"line":312},{"type":165,"name":261,"callback":322,"file":323,"line":324},"edisable_new_posts","inc\\meta-boxes.php",67,{"type":165,"name":326,"callback":327,"priority":328,"file":323,"line":54},"admin_menu","elementor_leads_register_admin_menu",205,{"type":165,"name":330,"callback":239,"file":323,"line":328},"load-edit.php",{"type":165,"name":219,"callback":332,"file":323,"line":333},"lenix_save_lead_status",239,{"type":165,"name":183,"callback":335,"file":336,"line":337},"lenix_elementor_leads_register_post_type","inc\\postype-taxonomy.php",60,{"type":165,"name":183,"callback":339,"file":336,"line":340},"lenix_register_lead_status_taxonomy",118,{"type":165,"name":342,"callback":343,"priority":175,"file":344,"line":345},"wpforms_process_complete","handle_wpforms_submission","inc\\wpforms-integration.php",101,[347,353,356,359,362,366],{"action":348,"nopriv":349,"callback":350,"hasNonce":351,"hasCapCheck":351,"file":185,"line":352},"save_custom_field",false,"ajax_save_custom_field",true,49,{"action":354,"nopriv":349,"callback":355,"hasNonce":351,"hasCapCheck":351,"file":185,"line":170},"delete_custom_field","ajax_delete_custom_field",{"action":357,"nopriv":349,"callback":358,"hasNonce":351,"hasCapCheck":351,"file":185,"line":312},"update_custom_fields_order","ajax_update_custom_fields_order",{"action":360,"nopriv":349,"callback":361,"hasNonce":351,"hasCapCheck":351,"file":273,"line":298},"lenix_submit_response_ajax","handle_response_submission_ajax",{"action":363,"nopriv":349,"callback":364,"hasNonce":351,"hasCapCheck":349,"file":273,"line":365},"lenix_get_response_history","ajax_get_response_history",18,{"action":367,"nopriv":349,"callback":368,"hasNonce":351,"hasCapCheck":351,"file":283,"line":369},"update_lead_status","update_lead_status_ajax",17,[],[],[],{"dangerousFunctions":374,"sqlUsage":375,"outputEscaping":391,"fileOperations":48,"externalRequests":29,"nonceChecks":276,"capabilityChecks":186,"bundledLibraries":498},[],{"prepared":301,"raw":88,"locations":376},[377,380,383,385,388],{"file":185,"line":378,"context":379},71,"$wpdb->get_var() with variable interpolation",{"file":185,"line":381,"context":382},77,"$wpdb->get_col() with variable interpolation",{"file":185,"line":384,"context":382},121,{"file":185,"line":386,"context":387},123,"$wpdb->query() with variable interpolation",{"file":185,"line":389,"context":390},184,"$wpdb->get_results() with variable interpolation",{"escaped":392,"rawEcho":176,"locations":393},171,[394,397,399,401,403,405,407,409,411,413,415,417,419,421,423,425,427,429,431,433,435,437,439,441,443,445,447,449,450,452,454,456,458,459,461,463,465,467,469,470,472,474,476,478,481,483,485,487,489,491,492,494,496],{"file":185,"line":395,"context":396},544,"raw output",{"file":185,"line":398,"context":396},569,{"file":185,"line":400,"context":396},574,{"file":185,"line":402,"context":396},685,{"file":185,"line":404,"context":396},972,{"file":185,"line":406,"context":396},1017,{"file":185,"line":408,"context":396},1043,{"file":185,"line":410,"context":396},1068,{"file":244,"line":412,"context":396},157,{"file":244,"line":414,"context":396},162,{"file":244,"line":416,"context":396},163,{"file":244,"line":418,"context":396},183,{"file":244,"line":420,"context":396},295,{"file":244,"line":422,"context":396},298,{"file":244,"line":424,"context":396},300,{"file":244,"line":426,"context":396},302,{"file":244,"line":428,"context":396},343,{"file":244,"line":430,"context":396},344,{"file":244,"line":432,"context":396},355,{"file":244,"line":434,"context":396},356,{"file":244,"line":436,"context":396},360,{"file":244,"line":438,"context":396},364,{"file":244,"line":440,"context":396},370,{"file":244,"line":442,"context":396},374,{"file":244,"line":444,"context":396},693,{"file":244,"line":446,"context":396},700,{"file":283,"line":448,"context":396},97,{"file":283,"line":66,"context":396},{"file":283,"line":451,"context":396},134,{"file":323,"line":453,"context":396},26,{"file":323,"line":455,"context":396},32,{"file":323,"line":457,"context":396},40,{"file":323,"line":236,"context":396},{"file":323,"line":460,"context":396},142,{"file":323,"line":462,"context":396},146,{"file":323,"line":464,"context":396},150,{"file":323,"line":466,"context":396},154,{"file":323,"line":468,"context":396},182,{"file":323,"line":418,"context":396},{"file":323,"line":471,"context":396},191,{"file":323,"line":473,"context":396},192,{"file":323,"line":475,"context":396},199,{"file":477,"line":13,"context":396},"templates\\custom-fields\\field-row.php",{"file":479,"line":480,"context":396},"templates\\lead-response.php",81,{"file":479,"line":482,"context":396},86,{"file":479,"line":484,"context":396},133,{"file":479,"line":486,"context":396},136,{"file":479,"line":488,"context":396},138,{"file":490,"line":312,"context":396},"templates\\response-history.php",{"file":490,"line":224,"context":396},{"file":490,"line":493,"context":396},102,{"file":490,"line":495,"context":396},104,{"file":490,"line":497,"context":396},106,[],[500,517,533,544,555,576,591],{"entryPoint":501,"graph":502,"unsanitizedCount":28,"severity":516},"add_custom_filters (inc\\class-lenix-custom-fields.php:556)",{"nodes":503,"edges":514},[504,509],{"id":505,"type":506,"label":507,"file":185,"line":508},"n0","source","$_GET",566,{"id":510,"type":511,"label":512,"file":185,"line":400,"wp_function":513},"n1","sink","echo() [XSS]","echo",[515],{"from":505,"to":510,"sanitized":349},"medium",{"entryPoint":518,"graph":519,"unsanitizedCount":48,"severity":516},"handle_response_submission (inc\\class-lenix-lead-response.php:52)",{"nodes":520,"edges":530},[521,524,527],{"id":505,"type":506,"label":522,"file":273,"line":523},"$_POST (x2)",129,{"id":510,"type":525,"label":526,"file":273,"line":523},"transform","→ lenix_get_email_template()",{"id":528,"type":511,"label":512,"file":529,"line":205,"wp_function":513},"n2","inc\\templates\\email-response-template.php",[531,532],{"from":505,"to":510,"sanitized":349},{"from":510,"to":528,"sanitized":349},{"entryPoint":534,"graph":535,"unsanitizedCount":48,"severity":516},"handle_response_submission_ajax (inc\\class-lenix-lead-response.php:177)",{"nodes":536,"edges":541},[537,539,540],{"id":505,"type":506,"label":522,"file":273,"line":538},258,{"id":510,"type":525,"label":526,"file":273,"line":538},{"id":528,"type":511,"label":512,"file":529,"line":205,"wp_function":513},[542,543],{"from":505,"to":510,"sanitized":349},{"from":510,"to":528,"sanitized":349},{"entryPoint":545,"graph":546,"unsanitizedCount":67,"severity":516},"\u003Cclass-lenix-lead-response> (inc\\class-lenix-lead-response.php:0)",{"nodes":547,"edges":552},[548,550,551],{"id":505,"type":506,"label":549,"file":273,"line":523},"$_POST (x4)",{"id":510,"type":525,"label":526,"file":273,"line":523},{"id":528,"type":511,"label":512,"file":529,"line":205,"wp_function":513},[553,554],{"from":505,"to":510,"sanitized":349},{"from":510,"to":528,"sanitized":349},{"entryPoint":556,"graph":557,"unsanitizedCount":29,"severity":575},"render_lead_tracking_settings (inc\\class-lenix-custom-fields.php:945)",{"nodes":558,"edges":572},[559,562,566,569],{"id":505,"type":506,"label":560,"file":185,"line":561},"$_POST['elementor_leads_view_role']",962,{"id":510,"type":511,"label":563,"file":185,"line":564,"wp_function":565},"update_option() [Settings Manipulation]",961,"update_option",{"id":528,"type":506,"label":567,"file":185,"line":568},"$_POST['elementor_leads_edit_role']",968,{"id":570,"type":511,"label":563,"file":185,"line":571,"wp_function":565},"n3",967,[573,574],{"from":505,"to":510,"sanitized":351},{"from":528,"to":570,"sanitized":351},"low",{"entryPoint":577,"graph":578,"unsanitizedCount":48,"severity":41},"ajax_save_custom_field (inc\\class-lenix-custom-fields.php:203)",{"nodes":579,"edges":588},[580,582,584],{"id":505,"type":506,"label":522,"file":185,"line":581},222,{"id":510,"type":525,"label":583,"file":185,"line":581},"→ get_field()",{"id":528,"type":511,"label":585,"file":185,"line":586,"wp_function":587},"get_row() [SQLi]",194,"get_row",[589,590],{"from":505,"to":510,"sanitized":349},{"from":510,"to":528,"sanitized":349},{"entryPoint":592,"graph":593,"unsanitizedCount":88,"severity":41},"\u003Cclass-lenix-custom-fields> (inc\\class-lenix-custom-fields.php:0)",{"nodes":594,"edges":617},[595,598,600,601,602,604,606,608,610,613,615],{"id":505,"type":506,"label":596,"file":185,"line":597},"$_POST (x12)",273,{"id":510,"type":511,"label":512,"file":185,"line":599,"wp_function":513},480,{"id":528,"type":506,"label":507,"file":185,"line":508},{"id":570,"type":511,"label":512,"file":185,"line":400,"wp_function":513},{"id":603,"type":506,"label":560,"file":185,"line":561},"n4",{"id":605,"type":511,"label":563,"file":185,"line":564,"wp_function":565},"n5",{"id":607,"type":506,"label":567,"file":185,"line":568},"n6",{"id":609,"type":511,"label":563,"file":185,"line":571,"wp_function":565},"n7",{"id":611,"type":506,"label":612,"file":185,"line":581},"n8","$_POST (x5)",{"id":614,"type":525,"label":583,"file":185,"line":581},"n9",{"id":616,"type":511,"label":585,"file":185,"line":586,"wp_function":587},"n10",[618,619,620,621,622,623],{"from":505,"to":510,"sanitized":351},{"from":528,"to":570,"sanitized":351},{"from":603,"to":605,"sanitized":351},{"from":607,"to":609,"sanitized":351},{"from":611,"to":614,"sanitized":349},{"from":614,"to":616,"sanitized":349},{"summary":625,"deductions":626},"The lenix-elementor-leads-addon plugin version 2.0.0 exhibits a generally good security posture with several strengths, including a complete absence of unprotected AJAX handlers and REST API routes. The presence of numerous nonce and capability checks on its entry points is also a positive sign. However, there are areas for improvement. The taint analysis reveals two high-severity flows with unsanitized paths, indicating a potential risk of input manipulation that could lead to vulnerabilities if not handled carefully downstream. While the majority of SQL queries utilize prepared statements and output escaping is mostly implemented correctly, the remaining percentages (28% for SQL, 24% for output) suggest that a small number of potentially insecure operations might exist.\n\nThe plugin's vulnerability history shows one previously disclosed high-severity vulnerability related to Cross-Site Scripting (XSS). Although this vulnerability is currently patched and there are no unpatched CVEs, the pattern of past XSS issues warrants attention, especially in conjunction with the taint analysis findings.  The existence of two high-severity taint flows with unsanitized paths, coupled with a history of XSS, suggests a heightened vigilance is needed around user-supplied input.  Overall, while the plugin demonstrates a commitment to security best practices, the identified taint flows and historical vulnerability type highlight specific areas that require careful review and ongoing monitoring to mitigate potential risks.",[627,629,630,632,634],{"reason":628,"points":298},"High severity taint flow with unsanitized paths",{"reason":628,"points":298},{"reason":631,"points":88},"SQL queries not using prepared statements",{"reason":633,"points":67},"Output not properly escaped",{"reason":635,"points":130},"Historically vulnerable to XSS","2026-03-16T17:35:50.974Z",{"wat":638,"direct":647},{"assetPaths":639,"generatorPatterns":642,"scriptPaths":643,"versionParams":644},[640,641],"\u002Fwp-content\u002Fplugins\u002Flenix-elementor-leads-addon\u002Fassets\u002Fcss\u002Fadmin-style.css","\u002Fwp-content\u002Fplugins\u002Flenix-elementor-leads-addon\u002Fassets\u002Fjs\u002Fmain.js",[],[641],[645,646],"lenix-elementor-leads-addon\u002Fassets\u002Fcss\u002Fadmin-style.css?ver=","lenix-elementor-leads-addon\u002Fassets\u002Fjs\u002Fmain.js?ver=",{"cssClasses":648,"htmlComments":651,"htmlAttributes":652,"restEndpoints":655,"jsGlobals":656,"shortcodeOutput":658},[649,650],"lenix_leads_collector","lenix-custom-field",[],[653,654],"data-lenix-leads-field-key","data-lenix-leads-field-type",[],[657],"window.LenixLeadsAjax",[]]