Does RescueFill — Abandoned Lead Recovery & Automation have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is RescueFill — Abandoned Lead Recovery & Automation compatible with WordPress 7.0?

According to WordPress.org data, RescueFill — Abandoned Lead Recovery & Automation 1.0.9 has been tested up to WordPress 7.0. Check the plugin's changelog for the latest compatibility information.

Is RescueFill — Abandoned Lead Recovery & Automation compatible with PHP 8.0+?

RescueFill — Abandoned Lead Recovery & Automation requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

What is RescueFill — Abandoned Lead Recovery & Automation's security score?

RescueFill — Abandoned Lead Recovery & Automation has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

RescueFill — Abandoned Lead Recovery & Automation Security & Risk Analysis

wordpress.org/plugins/rescuefill

Instantly recover abandoned lead. Build automated email funnels to win back lost customers.

0 active installs v1.0.9 PHP 8.0+ WP 6.2+ Updated Apr 4, 2026

abandoned-leadcontact-formemail-marketinglead-generationmarketing-automation

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is RescueFill — Abandoned Lead Recovery & Automation Safe to Use in 2026?

Generally Safe

Score 100/100

RescueFill — Abandoned Lead Recovery & Automation has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "rescuefill" v1.0.9 plugin exhibits a generally strong security posture based on the provided static analysis and vulnerability history. The absence of dangerous functions, the exclusive use of prepared statements for all SQL queries, and the 100% proper escaping of output are significant strengths. The plugin also demonstrates good practice by avoiding file operations and external HTTP requests. However, a notable weakness is the complete lack of nonce checks across its entry points. While there are no publicly known vulnerabilities for this plugin, the absence of nonce checks represents a significant potential attack vector that could lead to Cross-Site Request Forgery (CSRF) vulnerabilities if any of its functionality were to be triggered by malicious user input without proper authorization verification. The presence of capability checks is positive but does not fully mitigate the risk posed by missing nonces.

Key Concerns

Missing nonce checks on all entry points

Vulnerabilities

None known

RescueFill — Abandoned Lead Recovery & Automation Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

RescueFill — Abandoned Lead Recovery & Automation Release Timeline

v1.0.9Current

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.1

v1.0.0

Code Analysis

Analyzed Apr 16, 2026

RescueFill — Abandoned Lead Recovery & Automation Code Analysis

Dangerous Functions

Raw SQL Queries

92 prepared

Unescaped Output

136 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared92 total queries

Output Escaping

100% escaped136 total outputs

Attack Surface

RescueFill — Abandoned Lead Recovery & Automation Attack Surface

Entry Points0

Unprotected0

WordPress Hooks 20

actionadmin_menuadmin/class-rf-admin.php:13

actionadmin_enqueue_scriptsadmin/class-rf-admin.php:14

actionadmin_bar_menuadmin/class-rf-admin.php:15

actionrescue_process_abandoned_leadsincludes/class-rf-cron.php:25

actionrescue_cleanup_old_leadsincludes/class-rf-cron.php:26

actionrescue_send_campaignincludes/class-rf-cron.php:27

actionwpcf7_mail_sentincludes/class-rf-forms.php:36

actionwpcf7_submitincludes/class-rf-forms.php:37

actionwpforms_process_completeincludes/class-rf-forms.php:43

actiongform_after_submissionincludes/class-rf-forms.php:49

actionninja_forms_after_submissionincludes/class-rf-forms.php:55

actionelementor_pro/forms/new_recordincludes/class-rf-forms.php:61

actionrest_api_initincludes/class-rf-loader.php:51

filterRESCUE_js_dataincludes/class-rf-loader.php:70

actiontemplate_redirectincludes/class-rf-recovery.php:25

filterquery_varsincludes/class-rf-recovery.php:26

actionwp_enqueue_scriptspublic/class-rf-public.php:13

actionplugins_loadedrescuefill.php:91

actionadmin_noticesrescuefill.php:94

actionadmin_noticesrescuefill.php:109

Scheduled Events 3

rescue_process_abandoned_leads

rescue_cleanup_old_leads

rescue_send_campaign

Maintenance & Trust

RescueFill — Abandoned Lead Recovery & Automation Maintenance & Trust

Maintenance Signals

WordPress version tested7.0

Last updatedApr 4, 2026

PHP min version8.0

Downloads351

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

RescueFill — Abandoned Lead Recovery & Automation Alternatives

Leadfox for WordPress

leadfox

Integrate Leadfox tracking code to enable contact synchronisation with a contact lists, forms and enable pop-ups on your WordPress site.

200 1 CVE

Contact Form 7 SendInBlue Opt-in Checkbox

cf7-sendinblue-opt-in-checkbox

WordPress plugin to add a SendinBlue Opt-in checkbox for Contact Form 7

100 No CVEs

WPMktgEngine

wpmktgengine

100

WPMktgEngine turns your WordPress site into a marketing engine for your business. A comprehensive online marketing platform.

30 No CVEs

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M 1 CVE

ActiveCampaign – The autonomous marketing platform

activecampaign-subscription-forms

Add ActiveCampaign contact forms and live chat to any post, page, or sidebar. Also enable ActiveCampaign site tracking for your WordPress blog.

40K 4 CVEs

Developer Profile

RescueFill — Abandoned Lead Recovery & Automation Developer Profile

codefreex

2 plugins · 10 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect RescueFill — Abandoned Lead Recovery & Automation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/rescuefill/admin/js/admin.min.js/wp-content/plugins/rescuefill/admin/css/admin.min.css

Script Paths

/wp-content/plugins/rescuefill/admin/js/admin.min.js

Version Parameters

rescuefill/admin/js/admin.min.js?ver=rescuefill/admin/css/admin.min.css?ver=

HTML / DOM Fingerprints

Data Attributes

data-rf-slug

JS Globals

rescuefillApp

REST Endpoints

/wp-json/rescuefill/v1/settings/wp-json/rescuefill/v1/update-setting

FAQ