Does WCC CF7 to Brevo have any unpatched vulnerabilities?

No. All known vulnerabilities in WCC CF7 to Brevo have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WCC CF7 to Brevo compatible with WordPress 6.8.5?

According to WordPress.org data, WCC CF7 to Brevo 1.1.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is WCC CF7 to Brevo compatible with PHP 7.2+?

WCC CF7 to Brevo requires PHP 7.2 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WCC CF7 to Brevo updated?

WCC CF7 to Brevo was last updated on Unknown. Frequent updates are generally a positive security signal.

What is WCC CF7 to Brevo's security score?

WCC CF7 to Brevo has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WCC CF7 to Brevo Security & Risk Analysis

wordpress.org/plugins/wcc-cf7-to-brevo

Send Contact Form 7 Plugin Submissions to Brevo.

10 active installs v1.1.0 PHP 7.2+ WP 4.7+ Updated Unknown

brevocontact-form-7-brevocontact-form-7-brevo-web-to-leadwordpress-brevowordpress-brevo-integration

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is WCC CF7 to Brevo Safe to Use in 2026?

Generally Safe

Score 100/100

WCC CF7 to Brevo has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs

Risk Assessment

The "wcc-cf7-to-brevo" plugin v1.1.0 exhibits a generally good security posture based on the static analysis. The plugin demonstrates strong adherence to secure coding practices by using prepared statements for the vast majority of its SQL queries and properly escaping nearly all output. The absence of any known CVEs in its history is also a positive indicator of its security maintenance. The plugin also implements a substantial number of nonce checks, which helps protect against CSRF attacks.

However, there are specific areas of concern highlighted by the taint analysis. The presence of 5 high-severity flows with unsanitized paths suggests potential vulnerabilities where user-supplied input could be manipulated to affect file operations or other sensitive system functions. While the overall attack surface via AJAX is protected by authentication, these unsanitized paths represent a critical risk that needs immediate attention. The single file operation and external HTTP requests, while not explicitly flagged as vulnerable, warrant scrutiny in conjunction with the taint analysis results.

In conclusion, while the plugin has a solid foundation in secure coding, the high-severity taint flows present a significant risk that overshadows its otherwise positive attributes. The lack of any historical vulnerabilities is encouraging but does not negate the current, data-backed risks identified. Addressing these taint flows should be the top priority to improve the plugin's overall security.

Key Concerns

High severity unsanitized path flows (5)
Limited capability checks on entry points

Vulnerabilities

None known

WCC CF7 to Brevo Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WCC CF7 to Brevo Code Analysis

Dangerous Functions

Raw SQL Queries

73 prepared

Unescaped Output

394 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

87% prepared84 total queries

Output Escaping

98% escaped404 total outputs

Data Flows

5 unsanitized

Data Flow Analysis

10 flows5 with unsanitized paths

wcc_cf7_brevo_get_module_fields (Inc\WccCf7Brevo_Actions.php:156)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

WCC CF7 to Brevo Attack Surface

Entry Points8

Unprotected0

AJAX Handlers 8

noprivwp_ajax_wcc_cf7_brevo_get_module_fieldsInc\WccCf7Brevo_Actions.php:56

authwp_ajax_wcc_cf7_brevo_get_module_fieldsInc\WccCf7Brevo_Actions.php:57

noprivwp_ajax_wcc_cf7_brevo_get_module_fields_and_form_fieldInc\WccCf7Brevo_Actions.php:60

authwp_ajax_wcc_cf7_brevo_get_module_fields_and_form_fieldInc\WccCf7Brevo_Actions.php:61

noprivwp_ajax_wcc_cf7_brevo_get_coinditions_fieldsInc\WccCf7Brevo_Actions.php:63

authwp_ajax_wcc_cf7_brevo_get_coinditions_fieldsInc\WccCf7Brevo_Actions.php:64

noprivwp_ajax_wcc_cf7_brevo_statusInc\WccCf7Brevo_Actions.php:68

authwp_ajax_wcc_cf7_brevo_statusInc\WccCf7Brevo_Actions.php:70

WordPress Hooks 7

actioninitInc\WccCf7Brevo_Actions.php:37

actionadmin_enqueue_scriptsInc\WccCf7Brevo_Actions.php:41

actionadmin_menuInc\WccCf7Brevo_Actions.php:43

actionadmin_menuInc\WccCf7Brevo_Actions.php:44

actionwcc_entries_form_cf7_submit_actionInc\WccCf7Brevo_Actions.php:49

actionwpcf7_before_send_mailInc\WccCf7Brevo_Actions.php:51

actionwcc_entries_below_view_page_leftInc\WccCf7Brevo_Actions.php:72

Maintenance & Trust

WCC CF7 to Brevo Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedUnknown

PHP min version7.2

Downloads278

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

WCC CF7 to Brevo Alternatives

WCC GF to Brevo

wcc-gf-to-brevo

100

Send Gravity Form Plugin Submissions to Brevo.

0 No CVEs

Brevo – Email, SMS, Web Push, Chat, and more.

mailin

Turn your WordPress site into a marketing powerhouse. Grow your audience, boost engagement, and drive more sales with Brevo.

100K 9 CVEs

Integration for Elementor forms – Sendinblue

integration-for-elementor-forms-sendinblue

100

Connect your Elementor Pro forms to Sendinblue/Brevo to easily capture and manage contacts from your website.

7K No CVEs

Add-on Brevo for Gravity Forms

addon-gravityforms-sendinblue-free

100

Connect Gravity Forms to Brevo (Sendinblue). Sync form fields with Brevo attributes and automatically generate contacts in specified lists.

1K No CVEs

Contact Form to Brevo

contact-form-to-brevo

100

Add Contact Form 7 Data to Brevo Contact lists.

900 No CVEs

Developer Profile

WCC CF7 to Brevo Developer Profile

weconnectcodeplugins

11 plugins · 10 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WCC CF7 to Brevo

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wcc-cf7-to-brevo/assets/css/wcc-cf7-to-brevo.css/wp-content/plugins/wcc-cf7-to-brevo/assets/js/wcc-cf7-to-brevo.js

Version Parameters

wcc-cf7-to-brevo/assets/css/wcc-cf7-to-brevo.css?ver=wcc-cf7-to-brevo/assets/js/wcc-cf7-to-brevo.js?ver=

HTML / DOM Fingerprints

CSS Classes

wcc-cf7-brevo-form-wrapper

HTML Comments

Data Attributes

data-wcc-cf7-brevo-form-id

JS Globals

wcc_cf7_brevo_ajax_object

Shortcode Output

[wcc_cf7_brevo_shortcode]

FAQ