Does Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder have any unpatched vulnerabilities?

No. All known vulnerabilities in Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder compatible with WordPress 6.9.4?

According to WordPress.org data, Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder 1.5.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Security & Risk Analysis

wordpress.org/plugins/whistleblowing-system

Create anonymous whistleblowing or standard contact forms with free conditional logic and secure two-way messaging. GDPR-compliant and responsive.

100 active installs v1.5.0 PHP 7.4+ WP 5.2+ Updated Mar 8, 2026

anonymousformsecure-contact-formwhistleblowerwhistleblowing

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Safe to Use in 2026?

Generally Safe

Score 100/100

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 27d ago

Risk Assessment

The "whistleblowing-system" plugin v1.5.0 demonstrates a generally strong security posture, characterized by diligent use of prepared statements for SQL queries and proper output escaping. The presence of numerous nonce and capability checks indicates a good understanding of WordPress security best practices, and the absence of known CVEs or critical taint flows is a significant positive. However, the static analysis did reveal two flows with unsanitized paths, which, while not classified as critical or high severity by the taint analysis, represent a potential area of concern. The limited attack surface, with all identified entry points possessing authentication checks, further contributes to its relatively secure design. The plugin's lack of a vulnerability history is encouraging but doesn't negate the importance of addressing the identified unsanitized path flows.

Key Concerns

Unsanitized path flows

Vulnerabilities

None known

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Code Analysis

Dangerous Functions

Raw SQL Queries

16 prepared

Unescaped Output

1204 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select2

SQL Query Safety

94% prepared17 total queries

Output Escaping

98% escaped1233 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

15 flows2 with unsanitized paths

display (admin\whistleblower_form_edit_page.php:467)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Attack Surface

Entry Points6

Unprotected0

AJAX Handlers 4

authwp_ajax_wbls_admin_ajaxincludes\class-wbls-whistleblower.php:95

authwp_ajax_wbls_front_ajaxincludes\class-wbls-whistleblower.php:96

noprivwp_ajax_wbls_front_ajaxincludes\class-wbls-whistleblower.php:97

authwp_ajax_wbls_send_deactivation_reasonincludes\class-wbls-whistleblower.php:109

Shortcodes 2

[wbls-whistleblower-form] includes\class-wbls-whistleblower.php:100

[wblsform] includes\class-wbls-whistleblower.php:101

WordPress Hooks 18

actionadmin_footeradmin\includes\pro_trial.php:6

actionadmin_noticesadmin\includes\rate_notice.php:18

actionadmin_initadmin\includes\rate_notice.php:19

actioninitApps\blocks.php:49

actionwp_footerfrontend\frontend.php:80

actionwp_footerfrontend\frontend.php:135

actionwp_footerfrontend\frontend.php:158

actioninitincludes\class-wbls-whistleblower.php:85

actionplugins_loadedincludes\class-wbls-whistleblower.php:86

actionadmin_initincludes\class-wbls-whistleblower.php:87

actionadmin_menuincludes\class-wbls-whistleblower.php:88

actionwp_enqueue_scriptsincludes\class-wbls-whistleblower.php:91

actionadmin_enqueue_scriptsincludes\class-wbls-whistleblower.php:92

actionadmin_footerincludes\class-wbls-whistleblower.php:104

actioncurrent_screenincludes\class-wbls-whistleblower.php:110

actionwbls_purge_old_logs_eventincludes\class-wbls-whistleblower.php:116

filterquery_varsincludes\class-wbls-whistleblower.php:122

actionadmin_headincludes\class-wbls-whistleblower.php:738

Maintenance & Trust

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 8, 2026

PHP min version7.4

Downloads9K

Community Trust

Rating100/100

Number of ratings1

Active installs100

Alternatives

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Alternatives

Trusty Whistleblowing Solution

trusty-whistleblowing-solution

Trusty is an instantly available, customizable and secure web-based whistleblowing solution developed by compliance experts.

500 1 unpatched

Fast Secure Contact Form Newsletter

contact-form-newsletter

Easily add your Fast Secure Contact Form submissions to Constant Contact email marketing lists.

200 No CVEs

ANON::form embedded secure form

anonform-embedded-secure-form

Embed ANON::form's End-to-End Encrypted secure and anonymized web forms into your website with an iframe and a shortcode.

10 1 CVE

FEP Contact Form

fep-contact-form

FEP Contact Form is a secure contact form to your WordPress site.This can be used with Front End PM or without.

10 No CVEs

SpeedMetriks

speedmetriks

A self-contained service to see how visitors experience your site.

10 No CVEs

Developer Profile

Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder Developer Profile

Whistleblowing Form Team

1 plugin · 100 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/whistleblowing-system/admin/assets/images/whistleblowing_logo.png

HTML / DOM Fingerprints

CSS Classes

wbls-admin-headerwbls-admin-header-logowbls-page-titlewbls-buttonwbls-button-add-formwbls-response-messagewbls-contentwbls-forms-list+11 more

Data Attributes

data-id

Shortcode Output

[wblsform id=

FAQ