Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Security

Safety Verdict

Is Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Safe to Use in 2026?

Generally Safe

Score 100/100

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The 'object-data-sync-for-salesforce' plugin v1.3.5 exhibits a generally good security posture with a high percentage of prepared SQL statements and properly escaped output. The plugin demonstrates robust use of nonce and capability checks, indicating an awareness of common WordPress security practices. The absence of known CVEs and recorded vulnerabilities in its history is a significant positive indicator, suggesting a history of secure development and maintenance.

However, a notable concern arises from the static analysis, specifically the presence of one AJAX handler without authentication checks. This represents a direct entry point into the plugin's functionality that could potentially be exploited by unauthenticated users. While the taint analysis did not reveal critical or high severity vulnerabilities, the 'flows with unsanitized paths' suggest areas where data might be processed without sufficient sanitization, which could lead to unforeseen issues if combined with other factors or if the attack surface is further exposed.

In conclusion, the plugin has strong foundational security practices, particularly in its handling of database queries and output. The primary weakness lies in the unprotected AJAX endpoint. The lack of past vulnerabilities is reassuring, but the identified unsanitized flows warrant attention for future improvements to further harden the plugin against potential threats.

Key Concerns

AJAX handler without auth checks
Flows with unsanitized paths found

Vulnerabilities

None known

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Release Timeline

v1.3.6Current

v1.3.5

v1.3.4

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.9

v1.2.8

v1.2.7

v1.2.6

v1.2.5

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.9

v1.1.8

v1.1.7

Code Analysis

Analyzed Mar 16, 2026

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Code Analysis

Dangerous Functions

0

Raw SQL Queries

4

37 prepared

Unescaped Output

12

437 escaped

Nonce Checks

31

Capability Checks

8

File Operations

1

External Requests

9

Bundled Libraries

1

Bundled Libraries

DataTables

SQL Query Safety

90% prepared41 total queries

Output Escaping

97% escaped449 total outputs

Data Flows · Security

9 unsanitized

Data Flow Analysis

12 flows9 with unsanitized paths

mo_sf_sync_display_troubleshoot (Helper\view\mo-sf-troubleshoot.php:19)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

1 unprotected

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_mo_sf_sync_ajax_submitobject-data-sync-for salesforce.php:102

WordPress Hooks 22

filterhandle_bulk_actions-usersHandler\class-bulk-action-handler.php:24

filterhandle_bulk_actions-edit-postHandler\class-bulk-action-handler.php:25

actionadmin_noticesHandler\class-bulk-action-handler.php:26

actioninitobject-data-sync-for salesforce.php:92

actionadmin_initobject-data-sync-for salesforce.php:93

actionadmin_menuobject-data-sync-for salesforce.php:94

actionadmin_footerobject-data-sync-for salesforce.php:95

filterbulk_actions-usersobject-data-sync-for salesforce.php:96

filterbulk_actions-edit-postobject-data-sync-for salesforce.php:97

actionrestrict_manage_usersobject-data-sync-for salesforce.php:98

actionrestrict_manage_postsobject-data-sync-for salesforce.php:99

filterpre_get_usersobject-data-sync-for salesforce.php:100

filterpre_get_postsobject-data-sync-for salesforce.php:101

actionuser_registerobject-data-sync-for salesforce.php:118

actionprofile_updateobject-data-sync-for salesforce.php:119

actionsave_postobject-data-sync-for salesforce.php:120

actionedit_user_profileobject-data-sync-for salesforce.php:129

actionshow_user_profileobject-data-sync-for salesforce.php:130

actionpersonal_options_updateobject-data-sync-for salesforce.php:131

actionedit_user_profile_updateobject-data-sync-for salesforce.php:132

actionadmin_enqueue_scriptsobject-data-sync-for salesforce.php:647

actionadmin_enqueue_scriptsobject-data-sync-for salesforce.php:648

Maintenance & Trust

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 8, 2026

PHP min version7.0

Downloads8K

Community Trust

Rating98/100

Number of ratings21

Active installs200

Alternatives

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Alternatives

Connector for Gravity Forms and Salesforce

gf-salesforce-crmperks

A

96

Gravity Forms Salesforce Add-on sends Gravity forms entries to salesforce CRM.

1K 3 CVEs

Ultimate WP Mail

ultimate-wp-mail

B

70

Custom email and SMS notifications. Automatic send actions. WPForms SMS integration. WooCommerce notifications for purchases, abandoned cart and more!

800 1 unpatched

Object Sync for Salesforce

object-sync-for-salesforce

A

100

Object Sync for Salesforce maps and syncs data between Salesforce objects and WordPress objects.

500 No CVEs

WooAmoConnector

wooamoconnector

A

85

amoCRM (https://www.amocrm.com/) and WooCommerce - sync, integration, connection

100 No CVEs

WP to CRM Lead Sync

wp-widget-sugarcrm-lead-module

A

100

Submit custom form data to SuiteCRM Lead module via WordPress. Easily create widget forms for seamless lead management.

100 No CVEs

Developer Profile

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Developer Profile

miniOrange

41 plugins · 83K total installs

76

trust score

Avg Security Score

96/100

Avg Patch Time

324 days

View full developer profile

Detection Fingerprints

How We Detect Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/object-data-sync-for-salesforce/css/style.css/wp-content/plugins/object-data-sync-for-salesforce/css/mo-sf-sync-admin-style.css/wp-content/plugins/object-data-sync-for-salesforce/js/mo-sf-sync-script.js/wp-content/plugins/object-data-sync-for-salesforce/js/mo-sf-sync-validation.js

Script Paths

/wp-content/plugins/object-data-sync-for-salesforce/js/mo-sf-sync-script.js/wp-content/plugins/object-data-sync-for-salesforce/js/mo-sf-sync-validation.js

Version Parameters

object-data-sync-for-salesforce/css/style.css?ver=object-data-sync-for-salesforce/css/mo-sf-sync-admin-style.css?ver=object-data-sync-for-salesforce/js/mo-sf-sync-script.js?ver=object-data-sync-for-salesforce/js/mo-sf-sync-validation.js?ver=

HTML / DOM Fingerprints

CSS Classes

mo_sf_sync_feedback_request_section

HTML Comments

Data Attributes

data-plugin-name="object-data-sync-for-salesforce"

JS Globals

mo_sf_sync_admin_params

FAQ

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Security & Risk Analysis

Is Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Safe to Use in 2026?

Generally Safe

Key Concerns

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Security Vulnerabilities

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Release Timeline

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Code Analysis

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Attack Surface

AJAX Handlers 1

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Maintenance & Trust

Maintenance Signals

Community Trust

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Alternatives

Connector for Gravity Forms and Salesforce

Ultimate WP Mail

Object Sync for Salesforce

WooAmoConnector

WP to CRM Lead Sync

Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more Developer Profile

How We Detect Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Object Data Sync for Salesforce Integration with WP, Woo, Gravity, WPForms, Ninja, CF7 & more