Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Security & Risk Analysis

wordpress.org/plugins/whistleblowing-system

Create anonymous whistleblowing or standard contact forms with free conditional logic and secure two-way messaging. GDPR-compliant and responsive.

200 active installs v1.5.1 PHP 7.4+ WP 5.2+ Updated Apr 12, 2026
anonymousformsecure-contact-formwhistleblowerwhistleblowing
100
A · Safe
CVEs total0
Unpatched0
Last CVENever
Safety Verdict

Is Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Safe to Use in 2026?

Generally Safe

Score 100/100

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago
Risk Assessment

The "whistleblowing-system" plugin v1.5.0 demonstrates a generally strong security posture, characterized by diligent use of prepared statements for SQL queries and proper output escaping. The presence of numerous nonce and capability checks indicates a good understanding of WordPress security best practices, and the absence of known CVEs or critical taint flows is a significant positive. However, the static analysis did reveal two flows with unsanitized paths, which, while not classified as critical or high severity by the taint analysis, represent a potential area of concern. The limited attack surface, with all identified entry points possessing authentication checks, further contributes to its relatively secure design. The plugin's lack of a vulnerability history is encouraging but doesn't negate the importance of addressing the identified unsanitized path flows.

Key Concerns

  • Unsanitized path flows
Vulnerabilities
None known

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Release Timeline

v1.5.1Current
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.3.16
v1.3.15
v1.3.14
v1.3.13
v1.3.12
v1.3.11
v1.3.10
v1.3.9
Code Analysis
Analyzed Mar 16, 2026

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Code Analysis

Dangerous Functions
0
Raw SQL Queries
1
16 prepared
Unescaped Output
29
1204 escaped
Nonce Checks
21
Capability Checks
15
File Operations
4
External Requests
1
Bundled Libraries
1

Bundled Libraries

Select2

SQL Query Safety

94% prepared17 total queries

Output Escaping

98% escaped1233 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

15 flows2 with unsanitized paths
display (admin\whistleblower_form_edit_page.php:467)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Attack Surface

Entry Points6
Unprotected0

AJAX Handlers 4

authwp_ajax_wbls_admin_ajaxincludes\class-wbls-whistleblower.php:95
authwp_ajax_wbls_front_ajaxincludes\class-wbls-whistleblower.php:96
noprivwp_ajax_wbls_front_ajaxincludes\class-wbls-whistleblower.php:97
authwp_ajax_wbls_send_deactivation_reasonincludes\class-wbls-whistleblower.php:109

Shortcodes 2

[wbls-whistleblower-form] includes\class-wbls-whistleblower.php:100
[wblsform] includes\class-wbls-whistleblower.php:101
WordPress Hooks 18
actionadmin_footeradmin\includes\pro_trial.php:6
actionadmin_noticesadmin\includes\rate_notice.php:18
actionadmin_initadmin\includes\rate_notice.php:19
actioninitApps\blocks.php:49
actionwp_footerfrontend\frontend.php:80
actionwp_footerfrontend\frontend.php:135
actionwp_footerfrontend\frontend.php:158
actioninitincludes\class-wbls-whistleblower.php:85
actionplugins_loadedincludes\class-wbls-whistleblower.php:86
actionadmin_initincludes\class-wbls-whistleblower.php:87
actionadmin_menuincludes\class-wbls-whistleblower.php:88
actionwp_enqueue_scriptsincludes\class-wbls-whistleblower.php:91
actionadmin_enqueue_scriptsincludes\class-wbls-whistleblower.php:92
actionadmin_footerincludes\class-wbls-whistleblower.php:104
actioncurrent_screenincludes\class-wbls-whistleblower.php:110
actionwbls_purge_old_logs_eventincludes\class-wbls-whistleblower.php:116
filterquery_varsincludes\class-wbls-whistleblower.php:122
actionadmin_headincludes\class-wbls-whistleblower.php:738
Maintenance & Trust

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedApr 12, 2026
PHP min version7.4
Downloads10K

Community Trust

Rating100/100
Number of ratings1
Active installs200
Developer Profile

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Developer Profile

Whistleblowing Form Team

2 plugins · 200 total installs

94
trust score
Avg Security Score
100/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/whistleblowing-system/admin/assets/images/whistleblowing_logo.png

HTML / DOM Fingerprints

CSS Classes
wbls-admin-headerwbls-admin-header-logowbls-page-titlewbls-buttonwbls-button-add-formwbls-response-messagewbls-contentwbls-forms-list+11 more
Data Attributes
data-id
Shortcode Output
[wblsform id=
FAQ

Frequently Asked Questions about Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder