Does MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets have any unpatched vulnerabilities?

No. All known vulnerabilities in MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets compatible with WordPress 5.8.13?

According to WordPress.org data, MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets 1.0.1 has been tested up to WordPress 5.8.13. Check the plugin's changelog for the latest compatibility information.

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Security & Risk Analysis

wordpress.org/plugins/mwb-cf7-integration-with-hubspot

Automate lead generation & nurturing by syncing Contact Form 7 data over HubSpot with this MWB CF7 Integration with HubSpot plugin.

0 active installs v1.0.1 PHP 7.3.5+ WP 4.0+ Updated Unknown

cf7contact-form-7hubspothubspot-formstickets

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Safe to Use in 2026?

Generally Safe

Score 100/100

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The plugin "mwb-cf7-integration-with-hubspot" v1.0.1 exhibits a generally strong security posture, particularly in its handling of SQL queries and output escaping. The extensive use of prepared statements for all SQL queries is a significant strength, mitigating common SQL injection risks. Similarly, the high percentage of properly escaped outputs suggests a good effort to prevent cross-site scripting vulnerabilities. The absence of known historical vulnerabilities and critical taint flows further contributes to this positive assessment.

However, the plugin does present some notable concerns regarding its attack surface. The presence of five AJAX handlers, with three lacking authentication checks, is a significant risk. These unprotected entry points could be exploited by unauthenticated users to trigger plugin functionality, potentially leading to unintended consequences or even allowing for further exploitation if combined with other weaknesses. While the plugin demonstrates good internal code hygiene, the exposure of unprotected AJAX endpoints is a critical area that needs immediate attention.

In conclusion, while the plugin excels in secure coding practices for SQL and output handling, the unprotected AJAX endpoints represent a substantial security weakness. The lack of historical vulnerabilities is a positive sign of past development focus on security, but it does not negate the current risks introduced by the open attack surface. Addressing the authentication checks on these AJAX handlers should be the highest priority.

Key Concerns

3 unprotected AJAX handlers

Vulnerabilities

None known

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Code Analysis

Dangerous Functions

Raw SQL Queries

14 prepared

Unescaped Output

494 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

DataTablesSelect2

SQL Query Safety

100% prepared14 total queries

Output Escaping

97% escaped510 total outputs

Data Flows

All sanitized

Data Flow Analysis

4 flows

mwb_cf7_integration_admin_init_process (admin\class-mwb-cf7-integration-with-hubspot-admin.php:222)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

3 unprotected

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Attack Surface

Entry Points5

Unprotected3

AJAX Handlers 5

authwp_ajax_send_onboarding_dataincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:151

noprivwp_ajax_send_onboarding_dataincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:152

authwp_ajax_skip_onboarding_popupincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:155

noprivwp_ajax_skip_onboarding_popupincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:156

authwp_ajax_get_datatable_logsincludes\class-mwb-cf7-integration-with-hubspot.php:287

WordPress Hooks 25

actionadmin_initadmin\class-mwb-cf7-integration-with-hubspot-admin.php:436

actionadmin_noticesadmin\class-mwb-cf7-integration-with-hubspot-admin.php:446

actionadmin_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:143

actionadmin_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:144

actionadmin_footerincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:145

actionadmin_footerincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:146

filtermwb_on_boarding_form_fieldsincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:147

filtermwb_deactivation_form_fieldsincludes\class-mwb-cf7-integration-with-hubspot-onboarding.php:148

actionplugins_loadedincludes\class-mwb-cf7-integration-with-hubspot.php:191

actionadmin_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot.php:206

actionadmin_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot.php:207

actionadmin_menuincludes\class-mwb-cf7-integration-with-hubspot.php:209

actionadmin_initincludes\class-mwb-cf7-integration-with-hubspot.php:211

filtermwb_helper_valid_frontend_screensincludes\class-mwb-cf7-integration-with-hubspot.php:215

filtermwb_deactivation_supported_slugincludes\class-mwb-cf7-integration-with-hubspot.php:217

actionplugins_loadedincludes\class-mwb-cf7-integration-with-hubspot.php:219

actionwp_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot.php:233

actionwp_enqueue_scriptsincludes\class-mwb-cf7-integration-with-hubspot.php:234

filterwpcf7_before_send_mailincludes\class-mwb-cf7-integration-with-hubspot.php:236

actionwp_loadedincludes\class-mwb-cf7-integration-with-hubspot.php:239

actioninitincludes\class-mwb-cf7-integration-with-hubspot.php:268

actionsave_postincludes\class-mwb-cf7-integration-with-hubspot.php:270

actionadmin_initmwb-cf7-integration-with-hubspot.php:39

actionadmin_noticesmwb-cf7-integration-with-hubspot.php:65

filterplugin_row_metamwb-cf7-integration-with-hubspot.php:195

Maintenance & Trust

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13

Last updatedUnknown

PHP min version7.3.5

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Alternatives

CF7 HubSpot Forms Add-on For Contact Form 7

cf7-hubspot-forms-add-on-for-contact-form-7

This plugin integrates HubSpot forms with Contact Form 7 forms.

300 No CVEs

WPOP Contact Form 7 to Hubspot

wpop-contactform-hubspot

Add Contact Form 7 Data to Hubspot Contact lists.

200 No CVEs

Contact Form user to HubSpot Contacts

cf7-user-to-hubspot-contacts

Plugin sends Contact Form 7 (first name, last name, email, phone) to HubSpot CRM contact.

0 No CVEs

Database Addon for Contact Form 7 – CFDB7

contact-form-cfdb7

Save and manage Contact Form 7 messages. Never lose important data. It is a lightweight contact form 7 database plugin.

600K 7 CVEs

Redirection for Contact Form 7

wpcf7-redirect

Redirect to any page or URL, execute scripts after submission, save data to the database, and unlock additional submission actions for Contact Form 7.

200K 14 CVEs

Developer Profile

MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets Developer Profile

MakeWebBetter

4 plugins · 7K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

2 days

View full developer profile

Detection Fingerprints

How We Detect MWB CF7 Integration with HubSpot -Sync HubSpot Forms, Contacts, Tickets

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/mwb-cf7-integration-with-hubspot/admin/css/mwb-cf7-hubspot-admin-style.css/wp-content/plugins/mwb-cf7-integration-with-hubspot/admin/js/mwb-cf7-hubspot-admin-script.js

Script Paths

/wp-content/plugins/mwb-cf7-integration-with-hubspot/admin/js/mwb-cf7-hubspot-admin-script.js

Version Parameters

mwb-cf7-integration-with-hubspot/admin/css/mwb-cf7-hubspot-admin-style.css?ver=mwb-cf7-integration-with-hubspot/admin/js/mwb-cf7-hubspot-admin-script.js?ver=

HTML / DOM Fingerprints

CSS Classes

mwb-cf7-hubspot-notice

HTML Comments

Data Attributes

data-mwb-cf7-hubspot-field-map

JS Globals

mwb_cf7_hubspot_admin_obj

FAQ