WP-Safety

WCC CF7 to Lawmatics Security & Risk Analysis

wordpress.org/plugins/wcc-cf7-to-lawmatics

Send Contact Form 7 Plugin Submissions to Lawmatics.

0 active installs v1.1.0 PHP 7.2+ WP 4.7+ Updated Unknown
contact-form-7-lawmaticscontact-form-7-lawmatics-web-to-leadlawmaticswordpress-lawmaticswordpress-lawmatics-integration
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is WCC CF7 to Lawmatics Safe to Use in 2026?

Generally Safe

Score 100/100

WCC CF7 to Lawmatics has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The 'wcc-cf7-to-lawmatics' plugin version 1.1.0 demonstrates a generally strong security posture, with excellent adherence to best practices like prepared statements for SQL queries and proper output escaping. The absence of known CVEs and a clean vulnerability history is a significant positive indicator. The plugin also correctly implements nonce checks for its AJAX handlers and avoids bundled libraries, reducing potential attack vectors from outdated components.

However, the taint analysis reveals a concerning pattern of 5 high-severity flows with unsanitized paths. This suggests that user-supplied data might be improperly handled in certain operations, potentially leading to path traversal or file manipulation vulnerabilities if these paths are used for file system operations. While the static analysis indicates only one file operation and no explicit mentions of dangerous functions, the high-severity taint flows warrant careful investigation and remediation.

In conclusion, the plugin benefits from a solid foundation of secure coding practices and a clean track record. The primary weakness lies in the identified high-severity taint flows, which, if exploited, could pose significant risks. Addressing these specific unsanitized path issues should be the immediate priority to maintain its otherwise good security standing.

Key Concerns

  • High severity unsanitized paths in taint flows
Vulnerabilities
None known

WCC CF7 to Lawmatics Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

WCC CF7 to Lawmatics Code Analysis

Dangerous Functions
0
Raw SQL Queries
7
61 prepared
Unescaped Output
21
440 escaped
Nonce Checks
25
Capability Checks
0
File Operations
1
External Requests
6
Bundled Libraries
0

SQL Query Safety

90% prepared68 total queries

Output Escaping

95% escaped461 total outputs
Data Flows
5 unsanitized

Data Flow Analysis

10 flows5 with unsanitized paths
wcc_cf7_lawmatics_get_module_fields (Inc\WccCf7Lawmatics_Actions.php:158)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

WCC CF7 to Lawmatics Attack Surface

Entry Points8
Unprotected0

AJAX Handlers 8

noprivwp_ajax_wcc_cf7_lawmatics_get_module_fieldsInc\WccCf7Lawmatics_Actions.php:58
authwp_ajax_wcc_cf7_lawmatics_get_module_fieldsInc\WccCf7Lawmatics_Actions.php:59
noprivwp_ajax_wcc_cf7_lawmatics_get_module_fields_and_form_fieldInc\WccCf7Lawmatics_Actions.php:62
authwp_ajax_wcc_cf7_lawmatics_get_module_fields_and_form_fieldInc\WccCf7Lawmatics_Actions.php:63
noprivwp_ajax_wcc_cf7_lawmatics_get_coinditions_fieldsInc\WccCf7Lawmatics_Actions.php:65
authwp_ajax_wcc_cf7_lawmatics_get_coinditions_fieldsInc\WccCf7Lawmatics_Actions.php:66
noprivwp_ajax_wcc_cf7_lawmatics_statusInc\WccCf7Lawmatics_Actions.php:70
authwp_ajax_wcc_cf7_lawmatics_statusInc\WccCf7Lawmatics_Actions.php:72
WordPress Hooks 7
actioninitInc\WccCf7Lawmatics_Actions.php:37
actionadmin_enqueue_scriptsInc\WccCf7Lawmatics_Actions.php:43
actionadmin_menuInc\WccCf7Lawmatics_Actions.php:45
actionadmin_menuInc\WccCf7Lawmatics_Actions.php:46
actionwcc_entries_form_cf7_submit_actionInc\WccCf7Lawmatics_Actions.php:51
actionwpcf7_before_send_mailInc\WccCf7Lawmatics_Actions.php:53
actionwcc_entries_below_view_page_leftInc\WccCf7Lawmatics_Actions.php:74
Maintenance & Trust

WCC CF7 to Lawmatics Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedUnknown
PHP min version7.2
Downloads577

Community Trust

Rating0/100
Number of ratings0
Active installs0
Alternatives

WCC CF7 to Lawmatics Alternatives

WCC Gravity Form to Lawmatics

WCC Gravity Form to Lawmatics

wcc-gravity-form-to-lawmatics

A
92

Send Gravity Form Plugin Submissions to Lawmatics.

0 No CVEs
Developer Profile

WCC CF7 to Lawmatics Developer Profile

weconnectcodeplugins

11 plugins · 10 total installs

93
trust score
Avg Security Score
99/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect WCC CF7 to Lawmatics

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/wcc-cf7-to-lawmatics/assets/css/wcc-cf7-lawmatics.css/wp-content/plugins/wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics.js/wp-content/plugins/wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics-admin.js
Script Paths
/wp-content/plugins/wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics.js/wp-content/plugins/wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics-admin.js
Version Parameters
wcc-cf7-to-lawmatics/assets/css/wcc-cf7-lawmatics.css?ver=wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics.js?ver=wcc-cf7-to-lawmatics/assets/js/wcc-cf7-lawmatics-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
wcc-cf7-lawmatics-wrap
Data Attributes
data-plugin-name="WCC CF7 to Lawmatics"data-plugin-version="1.1.0"
JS Globals
wcc_cf7_lawmatics_ajax_object
Shortcode Output
[wcc_cf7_lawmatics_shortcode]
FAQ

Frequently Asked Questions about WCC CF7 to Lawmatics