[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fDSJqF0Z0QIIdY-j_knF56Puhj5EP4CIjfY8q7EWQF6Q":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":105,"crawl_stats":38,"alternatives":113,"analysis":215,"fingerprints":680},"mw-wp-form","MW WP Form","5.1.0","Takashi Kitajima","https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\u002F","\u003Cp>\u003Cstrong>This plugin currently has only the minimum required maintenance releases.\u003C\u002Fstrong>\u003Cbr \u002F>\n\u003Cstrong>Main maintainer has been handed over from @inc2734 to @websoudan.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>MW WP Form can create mail form with a confirmation screen using shortcode.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Form created using shortcodes\u003C\u002Fli>\n\u003Cli>Using confirmation page is possible.\u003C\u002Fli>\n\u003Cli>The page changes by the same URL or individual URL are possible.\u003C\u002Fli>\n\u003Cli>Many validation rules\u003C\u002Fli>\n\u003Cli>Saving inquiry data is possible.\u003C\u002Fli>\n\u003Cli>Displaying Chart using saved inquiry data is possible.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fmw-wp-form.web-soudan.co.jp\u003C\u002Fp>\n\u003Ch4>GitHub\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fgithub.com\u002Fweb-soudan\u002Fmw-wp-form\u003C\u002Fp>\n\u003Ch4>The following third-party resources\u003C\u002Fh4>\n\u003Cp>Google Charts\u003Cbr \u002F>\nSource: https:\u002F\u002Fdevelopers.google.com\u002Fchart\u002F\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F2inc.org\" rel=\"nofollow ugc\">Takashi Kitajima\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\" rel=\"nofollow ugc\">inc2734\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwebcre-archive.com\" rel=\"nofollow ugc\">Ryujiro Yamamoto\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fryu263\" rel=\"nofollow ugc\">ryu263\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fkee-non.com\" rel=\"nofollow ugc\">Tsujimoto Tomoyuki\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Ftomothumb\" rel=\"nofollow ugc\">tomothumb\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>[Naoyuki Ohata] ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnanniku\" rel=\"nofollow ugc\">nanniku\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmt8.biz\u002F\" rel=\"nofollow ugc\">Kazuto Takeshita\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmt8biz\u002F\" rel=\"nofollow ugc\">moto hachi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.next-season.net\u002F\" rel=\"nofollow ugc\">Atsushi Ando\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnext-season\u002F\" rel=\"nofollow ugc\">NExt-Season\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fvisualive.jp\u002F\" rel=\"nofollow ugc\">Kazuki Tomiyasu\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fkuck1u\u002F\" rel=\"nofollow ugc\">KUCKLU\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmypacecreator.net\u002F\" rel=\"nofollow ugc\">Kei Nomura\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmypacecreator\u002F\" rel=\"nofollow ugc\">mypacecreator\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmh35\" rel=\"nofollow ugc\">mh35\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnojimage\" rel=\"nofollow ugc\">Takashi Nojima\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fherikutu\" rel=\"nofollow ugc\">herikutu\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ftsucharoku\" rel=\"nofollow ugc\">tsucharoku\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Ft-hamano\" rel=\"nofollow ugc\">Tetsuaki Hamano\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fwildworks\u002F\" rel=\"nofollow ugc\">t-hamano\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fmusus\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmusus\u002F\" rel=\"nofollow ugc\">Susumu Seino\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Flikr\" rel=\"nofollow ugc\">Yosuke Onoue\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Flikr\u002F\" rel=\"nofollow ugc\">likr\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fyudai524\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fyudai524\u002F\" rel=\"nofollow ugc\">Yudai Konishi\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fnoldorinfo\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fnoldorinfo\u002F\" rel=\"nofollow ugc\">takekoshi\u003C\u002Fa> )\u003C\u002Fli>\n\u003C\u002Ful>\n","MW WP Form is shortcode base contact form plugin. This plugin have many features. For example you can use many validation rules, inquiry data saving,  &hellip;",200000,1771027,86,22,"2024-03-13T02:48:00.000Z","6.4.8","6.0","",[20,21,22,23,24],"confirm","form","mail","preview","shortcode","https:\u002F\u002Fmw-wp-form.web-soudan.co.jp","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmw-wp-form.5.1.0.zip",81,5,0,"2024-01-31 00:00:00","2026-03-15T15:16:48.613Z",[33,48,64,80,94],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":6,"severity":40,"cvss_score":41,"cvss_vector":42,"vuln_type":43,"published_date":30,"updated_date":44,"references":45,"days_to_patch":47},"CVE-2024-24804","mw-wp-form-authenticated-editor-stored-cross-site-scripting","MW WP Form \u003C= 5.0.6 - Authenticated (Editor+) Stored Cross-Site Scripting","The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=5.0.6","medium",5.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-03-22 15:37:38",[46],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff2126761-cbff-4d46-a6df-4566d15216d7?source=api-prod",52,{"id":49,"url_slug":50,"title":51,"description":52,"plugin_slug":4,"theme_slug":38,"affected_versions":53,"patched_in_version":54,"severity":55,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"CVE-2023-6559","mw-wp-form-improper-limitation-of-file-name-to-unauthenticated-arbitrary-file-deletion","MW WP Form \u003C= 5.0.3 - Improper Limitation of File Name to Unauthenticated Arbitrary File Deletion","The MW WP Form plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 5.0.3. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible.","\u003C=5.0.3","5.0.4","high",7.5,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:H\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2023-12-15 00:00:00","2024-07-29 21:36:13",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F412d555c-9bbd-42f5-8020-ccfc18755a79?source=api-prod",228,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":71,"cvss_score":72,"cvss_vector":73,"vuln_type":74,"published_date":75,"updated_date":76,"references":77,"days_to_patch":79},"CVE-2023-6316","mw-wp-form-unauthenticated-arbitrary-file-upload","MW WP Form \u003C= 5.0.1 - Unauthenticated Arbitrary File Upload","The MW WP Form plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the '_single_file_upload' function in versions up to, and including, 5.0.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.","\u003C=5.0.1","5.0.2","critical",9.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Unrestricted Upload of File with Dangerous Type","2023-12-04 00:00:00","2024-01-22 19:56:02",[78],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb2c03142-be30-4173-a140-14d73a16dd2b?source=api-prod",50,{"id":81,"url_slug":82,"title":83,"description":84,"plugin_slug":4,"theme_slug":38,"affected_versions":85,"patched_in_version":86,"severity":40,"cvss_score":87,"cvss_vector":88,"vuln_type":89,"published_date":90,"updated_date":76,"references":91,"days_to_patch":93},"CVE-2023-46206","mw-wp-form-missing-authorization","MW WP Form \u003C= 4.4.5 - Missing Authorization","The MW WP Form plugin for WordPress is vulnerable to unauthorized access due to a missing capability check in versions up to, and including, 4.4.5. This makes it possible for unauthenticated attackers to perform unauthorized actions.","\u003C=4.4.5","5.0.0",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2023-10-19 00:00:00",[92],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F616de170-6645-4a06-a393-51bec1d8bd8c?source=api-prod",96,{"id":95,"url_slug":96,"title":97,"description":98,"plugin_slug":4,"theme_slug":38,"affected_versions":99,"patched_in_version":100,"severity":40,"cvss_score":87,"cvss_vector":88,"vuln_type":58,"published_date":101,"updated_date":76,"references":102,"days_to_patch":104},"CVE-2023-28409","mw-wp-form-directory-traversal-via-fileupload","MW WP Form \u003C= 4.4.2 - Directory Traversal via _file_upload","The MW WP Form plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.4.2 via the _file_upload function. This allows unauthenticated attackers to upload files of allowed types to arbitrary directories on the site.","\u003C4.4.3","4.4.3","2023-05-08 00:00:00",[103],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff7adeee0-30ff-4759-b42e-1ac2dea5a8a4?source=api-prod",260,{"slug":106,"display_name":7,"profile_url":8,"plugin_count":107,"total_installs":108,"avg_security_score":109,"avg_patch_time_days":110,"trust_score":111,"computed_at":112},"inc2734",11,330630,89,122,71,"2026-04-04T01:21:34.162Z",[114,131,156,178,198],{"slug":115,"name":116,"version":117,"author":118,"author_profile":119,"description":120,"short_description":121,"active_installs":122,"downloaded":123,"rating":29,"num_ratings":29,"last_updated":124,"tested_up_to":125,"requires_at_least":126,"requires_php":18,"tags":127,"homepage":128,"download_link":129,"security_score":130,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"mw-wp-form-a8-tracker","MW WP Form A8 Tracker","1.0.0","a8wpform","https:\u002F\u002Fprofiles.wordpress.org\u002Fa8wpform\u002F","\u003Cp>MW WP Form a8 tracker is an extension plugin for \u003Ca href=\"https:\u002F\u002Fja.wordpress.org\u002Fplugins\u002Fmw-wp-form\u002F\" rel=\"nofollow ugc\">MW WP FORM\u003C\u002Fa>.\u003Cbr \u002F>\nThis plugin is must necessary install MW WP Form.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>This plugin can easily introduce A8.net tracking tags\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Official\u003C\u002Fh4>\n\u003Cp>https:\u002F\u002Fwww.fancs.com\u002F\u003C\u002Fp>\n\u003Ch4>Contributors\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002F2inc.org\" rel=\"nofollow ugc\">Takashi Kitajima\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Finc2734\" rel=\"nofollow ugc\">inc2734\u003C\u002Fa> )\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.fancs.com\u002F\" rel=\"nofollow ugc\">FAN Communications\u003C\u002Fa> ( \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fa8wpform\u002F\" rel=\"nofollow ugc\">a8wpform\u003C\u002Fa> )\u003C\u002Fli>\n\u003C\u002Ful>\n","MW WP Form a8 tracker is an extension plugin for MW WP FORM. This plugin can easily introduce A8.net tracking tags.",60,1611,"2024-04-17T06:46:00.000Z","5.2.24","4.0",[20,21,22,23,24],"http:\u002F\u002Fplugins.2inc.org\u002Fmw-wp-form-a8-tracker\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmw-wp-form-a8-tracker.zip",92,{"slug":132,"name":133,"version":134,"author":135,"author_profile":136,"description":137,"short_description":138,"active_installs":139,"downloaded":140,"rating":130,"num_ratings":141,"last_updated":142,"tested_up_to":143,"requires_at_least":144,"requires_php":145,"tags":146,"homepage":151,"download_link":152,"security_score":153,"vuln_count":154,"unpatched_count":29,"last_vuln_date":155,"fetched_at":31},"cf7-email-add-on","Email addon for CF7","2.0","KrishaWeb","https:\u002F\u002Fprofiles.wordpress.org\u002Fkrishaweb\u002F","\u003Cp>Email addon for CF7 is the email configuration extension to the Contact Form 7. It lets you customize the contact form email both for users and admin. You can select the most suitable email template from the pre-developed templates and easily customize the template as per your requirements. You can add and update the content, links, graphics and buttons of the email template that too without expert coding skills.\u003C\u002Fp>\n\u003Cp>Different pre-developed email templates lets also enables you to do the A\u002FB testing to understand the user behavior and improve the conversion rate. It is not just a contact from 7 email add on, it also helps you with your conversion optimization process. It is easy to install, set up and requires minimum technical skills to update.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>10+ Pre-developed responsive email templates\u003C\u002Fli>\n\u003Cli>Multiple Email templates for Contact Form 7\u003C\u002Fli>\n\u003Cli>Single step template selection \u003C\u002Fli>\n\u003Cli>Click to copy shortcode\u003C\u002Fli>\n\u003Cli>User can see special mail tags on the plugin popup\u003C\u002Fli>\n\u003Cli>Can add\u002Fremove form fields \u003C\u002Fli>\n\u003Cli>Ability to customize pre-developed templates\u003C\u002Fli>\n\u003Cli>Compatible with WordPress 4.6 and above \u003C\u002Fli>\n\u003Cli>Compatible with Contact Form 7 version 5 and above\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>PRO Plugin Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>18+ Pre-developed responsive email templates\u003C\u002Fli>\n\u003Cli>Can download HTML Template for external use\u003C\u002Fli>\n\u003Cli>Compatible with custom shortcode\u003C\u002Fli>\n\u003Cli>Preview template & send test email\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fblockquote>\n\u003Ch4>Buy Contact Form 7 Email Add On Pro on Codecanyon :\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcontact-form-7-email-add-on-pro\u002F23172379\" rel=\"nofollow ugc\">https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fcontact-form-7-email-add-on-pro\u002F23172379\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Check such amazing email add-on for Ninja form as well at \u003Ca href=\"https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fninja-forms-email-add-on\u002F22782567\" rel=\"nofollow ugc\">https:\u002F\u002Fcodecanyon.net\u002Fitem\u002Fninja-forms-email-add-on\u002F22782567\u003C\u002Fa>. It comes with all these features for Ninja form along with some additional features.\u003C\u002Fp>\n","Email addon for CF7 plugin provides the responsive Email templates to admin and users.",3000,36707,9,"2025-09-26T07:28:00.000Z","6.8.5","6.6","7.4",[147,148,149,150,24],"cf7","contactform7","email-template","html-email","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fcf7-email-add-on\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcf7-email-add-on.2.0.zip",98,1,"2024-11-20 00:00:00",{"slug":157,"name":158,"version":159,"author":160,"author_profile":161,"description":162,"short_description":163,"active_installs":164,"downloaded":165,"rating":13,"num_ratings":166,"last_updated":167,"tested_up_to":168,"requires_at_least":169,"requires_php":18,"tags":170,"homepage":175,"download_link":176,"security_score":177,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"contact-form-7-confirm-email-feild","Contact Form 7 Confirm Email Field","1.2","vallabh vyas","https:\u002F\u002Fprofiles.wordpress.org\u002Fvallabh85\u002F","\u003Cp>This “Contact Form 7 confirm email field” plugin extends the “Contact Form 7” plugin to verify email address which is entered second time.\u003C\u002Fp>\n\u003Cp>confirm email field for Contact Form 7 add the double check email field to your form and verify email match with the CF7 Ajax validation.\u003C\u002Fp>\n\u003Ch4>Double email check\u003C\u002Fh4>\n\u003Cp>This plugin add a new field in Contact Form 7 called “confirm_email” that allow to do a double email check when submitting the form. The new field will ask to users to confirm their email by typing it into a second field.\u003C\u002Fp>\n\u003Cp>If you want to do this in your form, you only have to add the “confirm_email” field into the CF7 form and enter the email field name you want to check. The validation is done by the CF7 Ajax-powered style: when submitting form CF7 will do the double email check, if not match returns error and ask to users to verify the email addresses.\u003C\u002Fp>\n\u003Ch3>1.1\u003C\u002Fh3>\n\u003Cp>The version support Contact form 7 4.1.2 and above\u003C\u002Fp>\n\u003Ch3>1.0\u003C\u002Fh3>\n\u003Cp>The version support Contact form 7 4.1.1 and below version\u003C\u002Fp>\n\u003Ch3>Installation == 1. Upload the entire contact-form-7-confirm-email folder to the \u002Fwp-content\u002Fplugins\u002F directory. 1. Activate the plugin through the ‘Plugins’ menu in WordPress.\u003C\u002Fh3>\n\u003Cp>When you are adding contact form. At top there is option to add “TEXT, EMAIL, URL”. There is one more option there to add “Confirm Email”. once you click on that it will generate the code like below. you can insert that code at same place where other feilds are there.\u003C\u002Fp>\n\u003Cp>Sample code i had generated and it’s work fine.\u003Cbr \u002F>\n[confirm_email confirm_email-510]\u003C\u002Fp>\n\u003Cp>The Contact Form 7 plugin must be installed and activated for the Contact Form 7 Confirm Email to work.\u003C\u002Fp>\n\u003Ch3>1.2\u003C\u002Fh3>\n\u003Cp>The version support Contact form 7 4.1.2 and above\u003C\u002Fp>\n\u003Ch3>1.1\u003C\u002Fh3>\n\u003Cp>The version support Contact form 7 4.1.2 and above\u003C\u002Fp>\n\u003Ch3>1.0\u003C\u002Fh3>\n\u003Cp>The version support Contact form 7 4.1.1 and below version\u003C\u002Fp>\n","Add a confirm email field to Contact Form 7.",2000,17650,6,"2015-12-02T14:00:00.000Z","4.3.34","3.8",[171,172,173,174,21],"cf7-confirm-email-field","confirm-email","contact-form-7","double-check-email-plugin","http:\u002F\u002Fwww.omkarsoft.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-7-confirm-email-feild.1.2.zip",85,{"slug":179,"name":180,"version":181,"author":182,"author_profile":183,"description":184,"short_description":185,"active_installs":186,"downloaded":187,"rating":29,"num_ratings":29,"last_updated":188,"tested_up_to":143,"requires_at_least":189,"requires_php":190,"tags":191,"homepage":195,"download_link":196,"security_score":197,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"flex-forms","Flex Forms","2.1.8","Flex Plugins","https:\u002F\u002Fprofiles.wordpress.org\u002Fflexfields\u002F","\u003Cp>\u003Cstrong>Flex Forms\u003C\u002Fstrong> is a modular and flexible form builder plugin for WordPress, designed to be lightweight yet feature-rich. It allows you to quickly build forms with various field types, manage submissions, and integrate with your theme and workflow easily.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Key Features:\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Easy form creation via WordPress admin\u003C\u002Fli>\n\u003Cli>Drag-and-drop field ordering\u003C\u002Fli>\n\u003Cli>Email notifications on submission\u003C\u002Fli>\n\u003Cli>Submission storage in database\u003C\u002Fli>\n\u003Cli>Google reCAPTCHA v2\u002Fv3 support\u003C\u002Fli>\n\u003Cli>Custom shortcode per form\u003C\u002Fli>\n\u003Cli>SMTP email sending support with test email\u003C\u002Fli>\n\u003Cli>Force “From” email override (site-wide)\u003C\u002Fli>\n\u003Cli>Full integration with \u003Ca href=\"https:\u002F\u002Fflex-fields.com\u002F\" rel=\"nofollow ugc\">Flex Fields\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Developer-friendly hooks and filters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>Flex Forms may interact with third-party services depending on your configuration:\u003C\u002Fp>\n\u003Ch3>Email Sending\u003C\u002Fh3>\n\u003Cp>Flex Forms supports custom SMTP configuration for reliable email delivery.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What data is sent:\u003C\u002Fstrong> Form submission content (user input).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent:\u003C\u002Fstrong> When a user submits a form or when a notification is triggered.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Where data is sent:\u003C\u002Fstrong> To the configured email recipient(s) via your selected email service provider.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy & Terms:\u003C\u002Fstrong> Email service providers’ policies apply (e.g., SendGrid, Mailgun, custom SMTP).\n\u003Cul>\n\u003Cli>Example terms:\u003C\u002Fli>\n\u003Cli>SendGrid: https:\u002F\u002Fsendgrid.com\u002Fpolicies\u002Ftos\u002F\u003C\u002Fli>\n\u003Cli>Mailgun: https:\u002F\u002Fwww.mailgun.com\u002Flegal\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Google reCAPTCHA\u003C\u002Fh3>\n\u003Cp>Used to prevent spam form submissions.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What the service is and what it is used for:\u003C\u002Fstrong>\u003Cbr \u002F>\nVerifies that a user is human when submitting a form.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent and when:\u003C\u002Fstrong>\u003Cbr \u002F>\nThe user’s IP address and browser information are sent to Google when the user interacts with a reCAPTCHA-enabled form.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Where data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\nGoogle servers.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Privacy & Terms:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003Cli>https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","A lightweight yet powerful form builder with database storage, email alerts, reCAPTCHA, SMTP configuration, and deep Flex Fields integration.",10,736,"2026-03-09T12:48:00.000Z","5.0","7.0",[192,193,21,194,24],"email","field","input","https:\u002F\u002Fflex-fields.com\u002Fforms\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fflex-forms.2.1.8.zip",100,{"slug":199,"name":200,"version":134,"author":201,"author_profile":202,"description":203,"short_description":204,"active_installs":186,"downloaded":205,"rating":197,"num_ratings":154,"last_updated":206,"tested_up_to":207,"requires_at_least":208,"requires_php":18,"tags":209,"homepage":213,"download_link":214,"security_score":177,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"formidable-email-shortcodes","Formidable Email Shortcodes","thomstark","https:\u002F\u002Fprofiles.wordpress.org\u002Fthomstark\u002F","\u003Cp>Create email shortcodes with unique identifiers to use in your Formidable Email Notification Settings, or anywhere else in your site. Set an unlimited number of email addresses, and change them globally from one location, any time you need to.\u003Cbr \u002F>\n* The Email Shortcodes settings page can be accessed from your Formidable menu on the Admin panel.\u003Cbr \u002F>\n* Add as many email addresses as you want to each unique ID you create. Save changes and then your shortcodes will appear in a table below. When you need to change an email address, do it here, but leave the unique identifier as is, then the email address will be changed globally wherever you’ve used the shortcode. (See screenshots for clarity.)\u003Cbr \u002F>\n* Output multiple email addresses with a single identifier.\u003Cbr \u002F>\n* Use the shortcodes in your Formidable Email Notifications settings, or anywhere else in your site.\u003C\u002Fp>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>PHP 5.3+\u003C\u002Fli>\n\u003Cli>WordPress 3.5+\u003C\u002Fli>\n\u003Cli>Formidable Pro\u003C\u002Fli>\n\u003C\u002Ful>\n","Create shortcodes with unique identifiers to use in your Formidable Email Notification Settings. Change email addresses globally from one location.",2665,"2014-04-28T10:57:00.000Z","3.9.40","3.5",[192,210,211,212,24],"formidable","formidable-pro","notifications","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fformidable-email-shortcodes\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fformidable-email-shortcodes.zip",{"attackSurface":216,"codeSignals":417,"taintFlows":642,"riskAssessment":670,"analyzedAt":679},{"hooks":217,"ajaxHandlers":400,"restRoutes":401,"shortcodes":402,"cronEvents":415,"entryPointCount":416,"unprotectedCount":29},[218,224,228,233,238,243,247,251,255,259,263,267,269,272,274,279,281,284,288,292,295,297,299,303,305,310,314,318,323,325,330,335,338,342,346,351,355,358,363,367,370,373,378,380,384,388,391,392,395,397],{"type":219,"name":220,"callback":221,"file":222,"line":223},"filter","mwform_form_fields","_mwform_form_fields","classes\\abstract\\class.form-field.php",79,{"type":219,"name":225,"callback":226,"file":222,"line":227},"mwform_tag_generator_group","_mwform_tag_generator_group",80,{"type":229,"name":230,"callback":231,"file":222,"line":232},"action","mwform_tag_generator_dialog","_mwform_tag_generator_dialog",288,{"type":219,"name":234,"callback":235,"file":236,"line":237},"mwform_validation_rules","_mwform_validation_rules","classes\\abstract\\class.validation-rule.php",39,{"type":229,"name":239,"callback":240,"file":241,"line":242},"admin_head","_add_columns","classes\\controllers\\class.admin-list.php",18,{"type":229,"name":244,"callback":245,"file":241,"line":246},"admin_enqueue_scripts","_admin_enqueue_scripts",19,{"type":219,"name":248,"callback":249,"file":241,"line":250},"manage_posts_columns","_manage_posts_columns",26,{"type":229,"name":252,"callback":253,"file":241,"line":254},"manage_posts_custom_column","_manage_posts_custom_column",27,{"type":229,"name":256,"callback":257,"file":258,"line":14},"add_meta_boxes","_add_meta_boxes","classes\\controllers\\class.admin.php",{"type":219,"name":260,"callback":261,"file":258,"line":262},"default_content","_default_content",23,{"type":229,"name":264,"callback":265,"file":258,"line":266},"media_buttons","_tag_generator",24,{"type":229,"name":244,"callback":245,"file":258,"line":268},25,{"type":229,"name":270,"callback":271,"file":258,"line":250},"save_post","_save_post",{"type":229,"name":244,"callback":245,"file":273,"line":237},"classes\\controllers\\class.chart.php",{"type":229,"name":275,"callback":276,"file":277,"line":278},"pre_get_posts","_pre_get_posts","classes\\controllers\\class.contact-data-list.php",37,{"type":229,"name":244,"callback":245,"file":277,"line":280},38,{"type":229,"name":282,"callback":283,"file":277,"line":237},"admin_print_styles","_admin_print_styles",{"type":229,"name":285,"callback":286,"file":277,"line":287},"in_admin_footer","_add_csv_download_button",40,{"type":219,"name":289,"callback":290,"priority":186,"file":277,"line":291},"wp_count_posts","_wp_count_posts",41,{"type":229,"name":256,"callback":257,"file":293,"line":294},"classes\\controllers\\class.contact-data.php",53,{"type":229,"name":244,"callback":245,"file":293,"line":296},54,{"type":229,"name":282,"callback":283,"file":293,"line":298},55,{"type":229,"name":300,"callback":301,"file":293,"line":302},"edit_form_top","_edit_form_top",56,{"type":229,"name":270,"callback":271,"file":293,"line":304},57,{"type":219,"name":306,"callback":307,"priority":154,"file":308,"line":309},"nocache_headers","_nocache_headers","classes\\controllers\\class.main.php",32,{"type":219,"name":311,"callback":312,"file":308,"line":313},"nginxchampuru_caching_headers","_nginxchampuru_caching_headers",33,{"type":229,"name":315,"callback":316,"file":308,"line":317},"parse_request","_remove_query_vars_from_post",35,{"type":229,"name":319,"callback":320,"priority":321,"file":308,"line":322},"template_redirect","_send_headers",10000,36,{"type":229,"name":319,"callback":324,"priority":321,"file":308,"line":278},"_template_redirect",{"type":229,"name":326,"callback":327,"priority":321,"file":328,"line":329},"mwform_after_exec_shortcode","_mwform_after_exec_shortcode2","classes\\deprecated.php",17,{"type":229,"name":331,"callback":332,"file":333,"line":334},"admin_notices","MWF_Functions::_display_deprecated_message","classes\\functions.php",90,{"type":219,"name":336,"callback":337,"file":333,"line":93},"the_content","MWF_Functions::_return_deprecated_message",{"type":229,"name":339,"callback":340,"file":341,"line":334},"shutdown","_save_to_session","classes\\models\\class.data.php",{"type":219,"name":343,"callback":344,"file":345,"line":329},"upload_mimes","_upload_mimes","classes\\models\\class.file.php",{"type":229,"name":347,"callback":348,"file":349,"line":350},"phpmailer_init","_set_return_path","classes\\models\\class.mail.php",83,{"type":219,"name":352,"callback":353,"file":349,"line":354},"wp_mail_from","_set_mail_from",84,{"type":219,"name":356,"callback":357,"file":349,"line":177},"wp_mail_from_name","_set_mail_from_name",{"type":219,"name":359,"callback":360,"file":361,"line":362},"mwform_form_end_html","_mwform_form_end_html","classes\\services\\class.exec-shortcode.php",45,{"type":229,"name":364,"callback":365,"file":361,"line":366},"wp_footer","_enqueue_scripts",47,{"type":229,"name":364,"callback":368,"file":361,"line":369},"clear_values",78,{"type":229,"name":364,"callback":371,"file":361,"line":372},"_enqueue_scroll_script",112,{"type":229,"name":374,"callback":375,"priority":141,"file":376,"line":377},"plugins_loaded","_load_initialize_files","mw-wp-form.php",34,{"type":229,"name":374,"callback":379,"priority":107,"file":376,"line":317},"_initialize",{"type":229,"name":381,"callback":382,"priority":107,"file":376,"line":383},"after_setup_theme","_after_setup_theme",68,{"type":229,"name":385,"callback":386,"file":376,"line":387},"init","_register_post_type",69,{"type":229,"name":319,"callback":389,"file":376,"line":390},"_do_empty_temp_dir",70,{"type":229,"name":244,"callback":245,"file":376,"line":369},{"type":229,"name":393,"callback":394,"file":376,"line":223},"admin_menu","_admin_menu_for_chart",{"type":229,"name":393,"callback":396,"file":376,"line":227},"_admin_menu_for_inquiry_data_list",{"type":229,"name":398,"callback":399,"file":376,"line":27},"current_screen","_current_screen",[],[],[403,407,411],{"tag":404,"callback":405,"file":308,"line":406},"mwform_formkey","_mwform_formkey",182,{"tag":408,"callback":409,"file":361,"line":410},"mwform","_mwform",42,{"tag":412,"callback":413,"file":361,"line":414},"mwform_complete_message","_mwform_complete_message",43,[],3,{"dangerousFunctions":418,"sqlUsage":419,"outputEscaping":422,"fileOperations":513,"externalRequests":29,"nonceChecks":420,"capabilityChecks":28,"bundledLibraries":641},[],{"prepared":420,"raw":29,"locations":421},4,[],{"escaped":423,"rawEcho":424,"locations":425},642,141,[426,429,431,433,435,437,440,441,443,446,448,451,453,455,457,459,462,464,466,467,469,471,473,475,477,479,481,482,484,487,490,492,494,496,499,501,503,504,506,507,509,511,514,516,518,520,522,523,525,527,528,530,532,534,535,537,538,539,540,541,543,544,546,547,549,550,551,552,553,554,556,557,558,559,560,561,562,564,565,566,567,568,569,571,573,574,576,577,578,579,580,581,583,584,586,588,589,590,591,592,593,594,595,596,597,599,601,602,603,604,606,607,608,609,610,611,612,614,615,616,617,618,619,621,622,623,624,625,626,627,629,630,631,632,633,634,635,636,637,638,640],{"file":427,"line":237,"context":428},"classes\\abstract\\class.controller.php","raw output",{"file":333,"line":430,"context":428},109,{"file":432,"line":410,"context":428},"classes\\models\\class.csv.php",{"file":434,"line":296,"context":428},"classes\\validation-rules\\class.alpha.php",{"file":436,"line":296,"context":428},"classes\\validation-rules\\class.alphanumeric.php",{"file":438,"line":439,"context":428},"classes\\validation-rules\\class.between.php",82,{"file":438,"line":354,"context":428},{"file":442,"line":227,"context":428},"classes\\validation-rules\\class.date.php",{"file":444,"line":445,"context":428},"classes\\validation-rules\\class.eq.php",62,{"file":447,"line":93,"context":428},"classes\\validation-rules\\class.filesize.php",{"file":449,"line":450,"context":428},"classes\\validation-rules\\class.filetype.php",67,{"file":452,"line":296,"context":428},"classes\\validation-rules\\class.hiragana.php",{"file":454,"line":296,"context":428},"classes\\validation-rules\\class.kana.php",{"file":456,"line":294,"context":428},"classes\\validation-rules\\class.katakana.php",{"file":458,"line":296,"context":428},"classes\\validation-rules\\class.mail.php",{"file":460,"line":461,"context":428},"classes\\validation-rules\\class.maximagesize.php",101,{"file":460,"line":463,"context":428},103,{"file":465,"line":461,"context":428},"classes\\validation-rules\\class.minimagesize.php",{"file":465,"line":463,"context":428},{"file":468,"line":445,"context":428},"classes\\validation-rules\\class.minlength.php",{"file":470,"line":369,"context":428},"classes\\validation-rules\\class.month.php",{"file":472,"line":79,"context":428},"classes\\validation-rules\\class.noempty.php",{"file":474,"line":296,"context":428},"classes\\validation-rules\\class.numeric.php",{"file":476,"line":79,"context":428},"classes\\validation-rules\\class.required.php",{"file":478,"line":122,"context":428},"classes\\validation-rules\\class.tel.php",{"file":480,"line":296,"context":428},"classes\\validation-rules\\class.url.php",{"file":480,"line":296,"context":428},{"file":483,"line":298,"context":428},"classes\\validation-rules\\class.zip.php",{"file":485,"line":486,"context":428},"templates\\admin\\admin-mail-options.php",12,{"file":488,"line":489,"context":428},"templates\\admin\\complete-message.php",20,{"file":491,"line":486,"context":428},"templates\\admin\\mail-options.php",{"file":493,"line":309,"context":428},"templates\\admin\\tag-generator.php",{"file":495,"line":141,"context":428},"templates\\admin\\url.php",{"file":497,"line":498,"context":428},"templates\\chart\\index.php",146,{"file":497,"line":500,"context":428},147,{"file":502,"line":141,"context":428},"templates\\contact-data\\detail.php",{"file":502,"line":317,"context":428},{"file":502,"line":505,"context":428},48,{"file":502,"line":79,"context":428},{"file":502,"line":508,"context":428},77,{"file":510,"line":186,"context":428},"templates\\contact-data\\returning-link.php",{"file":512,"line":513,"context":428},"templates\\contact-data-list\\column.php",8,{"file":515,"line":486,"context":428},"templates\\form-fields\\button.php",{"file":517,"line":486,"context":428},"templates\\form-fields\\button_button.php",{"file":519,"line":486,"context":428},"templates\\form-fields\\button_submit.php",{"file":521,"line":14,"context":428},"templates\\form-fields\\checkbox.php",{"file":521,"line":254,"context":428},{"file":521,"line":524,"context":428},28,{"file":526,"line":107,"context":428},"templates\\form-fields\\datepicker.php",{"file":526,"line":486,"context":428},{"file":526,"line":529,"context":428},13,{"file":526,"line":531,"context":428},14,{"file":526,"line":533,"context":428},15,{"file":526,"line":489,"context":428},{"file":536,"line":107,"context":428},"templates\\form-fields\\email.php",{"file":536,"line":486,"context":428},{"file":536,"line":529,"context":428},{"file":536,"line":531,"context":428},{"file":536,"line":533,"context":428},{"file":536,"line":542,"context":428},16,{"file":536,"line":329,"context":428},{"file":545,"line":107,"context":428},"templates\\form-fields\\file.php",{"file":545,"line":486,"context":428},{"file":548,"line":107,"context":428},"templates\\form-fields\\monthpicker.php",{"file":548,"line":486,"context":428},{"file":548,"line":529,"context":428},{"file":548,"line":531,"context":428},{"file":548,"line":533,"context":428},{"file":548,"line":489,"context":428},{"file":555,"line":107,"context":428},"templates\\form-fields\\number.php",{"file":555,"line":486,"context":428},{"file":555,"line":529,"context":428},{"file":555,"line":531,"context":428},{"file":555,"line":533,"context":428},{"file":555,"line":542,"context":428},{"file":555,"line":329,"context":428},{"file":563,"line":107,"context":428},"templates\\form-fields\\password.php",{"file":563,"line":486,"context":428},{"file":563,"line":529,"context":428},{"file":563,"line":531,"context":428},{"file":563,"line":533,"context":428},{"file":563,"line":542,"context":428},{"file":570,"line":542,"context":428},"templates\\form-fields\\radio.php",{"file":570,"line":572,"context":428},21,{"file":570,"line":14,"context":428},{"file":575,"line":107,"context":428},"templates\\form-fields\\range.php",{"file":575,"line":486,"context":428},{"file":575,"line":529,"context":428},{"file":575,"line":531,"context":428},{"file":575,"line":533,"context":428},{"file":575,"line":542,"context":428},{"file":582,"line":186,"context":428},"templates\\form-fields\\select.php",{"file":582,"line":107,"context":428},{"file":585,"line":486,"context":428},"templates\\form-fields\\submit.php",{"file":587,"line":486,"context":428},"templates\\form-fields\\tel.php",{"file":587,"line":529,"context":428},{"file":587,"line":531,"context":428},{"file":587,"line":533,"context":428},{"file":587,"line":542,"context":428},{"file":587,"line":572,"context":428},{"file":587,"line":14,"context":428},{"file":587,"line":262,"context":428},{"file":587,"line":266,"context":428},{"file":587,"line":268,"context":428},{"file":587,"line":598,"context":428},30,{"file":587,"line":600,"context":428},31,{"file":587,"line":309,"context":428},{"file":587,"line":313,"context":428},{"file":587,"line":377,"context":428},{"file":605,"line":107,"context":428},"templates\\form-fields\\text.php",{"file":605,"line":486,"context":428},{"file":605,"line":529,"context":428},{"file":605,"line":531,"context":428},{"file":605,"line":533,"context":428},{"file":605,"line":542,"context":428},{"file":605,"line":329,"context":428},{"file":613,"line":107,"context":428},"templates\\form-fields\\textarea.php",{"file":613,"line":486,"context":428},{"file":613,"line":529,"context":428},{"file":613,"line":531,"context":428},{"file":613,"line":533,"context":428},{"file":613,"line":542,"context":428},{"file":620,"line":107,"context":428},"templates\\form-fields\\url.php",{"file":620,"line":486,"context":428},{"file":620,"line":529,"context":428},{"file":620,"line":531,"context":428},{"file":620,"line":533,"context":428},{"file":620,"line":542,"context":428},{"file":620,"line":329,"context":428},{"file":628,"line":529,"context":428},"templates\\form-fields\\zip.php",{"file":628,"line":531,"context":428},{"file":628,"line":533,"context":428},{"file":628,"line":542,"context":428},{"file":628,"line":329,"context":428},{"file":628,"line":14,"context":428},{"file":628,"line":262,"context":428},{"file":628,"line":266,"context":428},{"file":628,"line":268,"context":428},{"file":628,"line":250,"context":428},{"file":639,"line":317,"context":428},"templates\\stores-inquiry-data-form-list\\index.php",{"file":639,"line":322,"context":428},[],[643,662],{"entryPoint":644,"graph":645,"unsanitizedCount":29,"severity":661},"_save (classes\\controllers\\class.chart.php:102)",{"nodes":646,"edges":658},[647,652],{"id":648,"type":649,"label":650,"file":273,"line":651},"n0","source","$_POST",120,{"id":653,"type":654,"label":655,"file":273,"line":656,"wp_function":657},"n1","sink","update_option() [Settings Manipulation]",121,"update_option",[659],{"from":648,"to":653,"sanitized":660},true,"low",{"entryPoint":663,"graph":664,"unsanitizedCount":29,"severity":661},"\u003Cclass.chart> (classes\\controllers\\class.chart.php:0)",{"nodes":665,"edges":668},[666,667],{"id":648,"type":649,"label":650,"file":273,"line":651},{"id":653,"type":654,"label":655,"file":273,"line":656,"wp_function":657},[669],{"from":648,"to":653,"sanitized":660},{"summary":671,"deductions":672},"The static analysis of \"mw-wp-form\" v5.1.0 indicates a generally good security posture with several positive indicators. The plugin has no unprotected AJAX handlers or REST API routes, all SQL queries are prepared, and a high percentage of output is properly escaped. The presence of nonce and capability checks further reinforces good security practices. However, the code signals do show some areas for improvement, particularly concerning file operations, which should always be handled with extreme caution.\n\nDespite the positive static analysis results for the current version, the plugin's vulnerability history is a significant concern. With 5 known CVEs, including one critical and one high severity vulnerability, this indicates a pattern of past security weaknesses. The common vulnerability types such as Cross-site Scripting, Path Traversal, Unrestricted Uploads, and Missing Authorization suggest that inputs have not always been properly sanitized or authorized, leading to potentially serious security flaws in previous versions. The fact that the last vulnerability was relatively recent (January 2024) is also noteworthy.\n\nIn conclusion, while \"mw-wp-form\" v5.1.0 demonstrates adherence to some core security best practices in its current code, its historical vulnerability record warrants a cautious approach. The absence of any unpatched vulnerabilities in the current version is a positive sign, but the recurring nature of certain vulnerability types in its history suggests that ongoing vigilance and thorough auditing are crucial to prevent future exploitations.",[673,675,677],{"reason":674,"points":489},"Significant historical CVEs, including critical and high.",{"reason":676,"points":28},"8 file operations present.",{"reason":678,"points":420},"82% output escaping is good, but 18% is unescaped.","2026-03-16T17:04:18.776Z",{"wat":681,"direct":687},{"assetPaths":682,"generatorPatterns":684,"scriptPaths":685,"versionParams":686},[683],"\u002Fwp-content\u002Fplugins\u002Fmw-wp-form\u002Fcss\u002Fadmin-common.css",[],[],[],{"cssClasses":688,"htmlComments":694,"htmlAttributes":696,"restEndpoints":698,"jsGlobals":700,"shortcodeOutput":702},[689,690,691,692,693],"mwf_input","mwf_label","mwf_form_wrap","mwf_submit","mwf_select",[5,695],"contact_data_post_types",[697],"data-mwf-form-id",[699],"\u002Fwp-json\u002Fmw-wp-form\u002F",[701],"MW_WP_Form_Validator",[703],"[mwform"]