[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fA-LGviputFYJTMvluTZnL2ZiL8tCMJu0-vl1aVqD08E":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":11,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":30,"crawl_stats":27,"alternatives":35,"analysis":143,"fingerprints":521},"whistleblowing-system","Whistleblowing & Contact Form – Secure, Anonymous, Drag & Drop Builder","1.5.0","Whistleblowing Form Team","https:\u002F\u002Fprofiles.wordpress.org\u002Fpokhar\u002F","\u003Cp>\u003Cstrong>Secure Contact & Whistleblowing Form\u003C\u002Fstrong> is the ultimate WordPress plugin for building contact or anonymous reporting forms — fully GDPR-compliant, mobile-friendly, and packed with powerful security features.\u003C\u002Fp>\n\u003Cp>It provides a user-friendly interface for creating secure, encrypted communication channels, including support for the EU Whistleblower Directive (2019\u002F1937). All submitted data is fully encrypted at rest, and uploaded files are stored in encrypted form on the physical server, ensuring maximum confidentiality and protection against unauthorized access.\u003C\u002Fp>\n\u003Cp>Whether you’re a company, school, NGO, or club, you can handle sensitive and confidential submissions with confidence, privacy, and legal compliance.\u003C\u002Fp>\n\u003Cp>The plugin also serves as a full-featured drag & drop form builder with multi-step forms, conditional logic, and unlimited submissions — all for free.\u003C\u002Fp>\n\u003Ch3>Short demo video\u003C\u002Fh3>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FawXnItCglX0?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch3>🔑 Key Features (Free Version)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>🔒 Full Data Encryption\u003C\u002Fstrong> – Encrypt submissions before storage for maximum confidentiality.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🕵️ Anonymous Submissions\u003C\u002Fstrong> – Allow users to report anonymously or include contact details voluntarily.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔁 Two-Way Anonymous Communication\u003C\u002Fstrong> – Secure, token-based messaging between reporter and admin.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>📱 Mobile-Friendly & Responsive\u003C\u002Fstrong> – Works seamlessly on all devices.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🧠 Conditional Logic (Free)\u003C\u002Fstrong> – Show or hide fields dynamically based on user input.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🛠 Drag & Drop Form Builder\u003C\u002Fstrong> – Create forms visually without coding.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>♾️ Unlimited Whistleblowers & Submissions\u003C\u002Fstrong> – No restrictions on the number of reports or users.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>📧 Email Notification\u003C\u002Fstrong> – Send automatic notifications to one selected email address.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>📑 Multiple Forms & Shortcodes\u003C\u002Fstrong> – Use for whistleblowing, feedback, or contact forms.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>💼 Pro Plugin Features (Upgrade)\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>🔒 Uploaded Files Full Encryption\u003C\u002Fstrong> – All uploaded files are fully encrypted and securely stored on the server.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>📤 File Uploads\u003C\u002Fstrong> – Receive supporting documents securely with file size and type restrictions.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>🧩 Multi-Step Forms\u003C\u002Fstrong> – Split long forms into logical steps for better usability.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🎨 Customizable Themes\u003C\u002Fstrong> – Match your site’s design with advanced styling options.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>📊 Export to CSV\u003C\u002Fstrong> – Download and manage submissions offline.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>📧 Multi-Recipient Notifications\u003C\u002Fstrong> – Send alerts to multiple recipients or departments.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔗 Incoming Webhook\u003C\u002Fstrong> – Accept external data into your forms.  \u003C\u002Fli>\n\u003Cli>\u003Cstrong>🔗 Outgoing Webhook\u003C\u002Fstrong> – Send submissions to external services or integrations.  \u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Useful Links:\u003C\u002Fh4>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwhistleblowing-form.de\u002Fen\u002F\" rel=\"nofollow ugc\">Website\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Use Cases\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Internal HR feedback systems\u003C\u002Fli>\n\u003Cli>GDPR-compliant contact forms\u003C\u002Fli>\n\u003Cli>School or university reporting tools\u003C\u002Fli>\n\u003Cli>Secure NGO communication\u003C\u002Fli>\n\u003Cli>Clubs and associations subject to EU regulations\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy Notices\u003C\u002Fh3>\n\u003Cp>Whistleblowing System plugin does not collect and store any data of your users on Whistleblowing-form’s end. All data submitted by your website visitors is stored in your website database. From this perspective, you may be subject to GDPR compliance.\u003C\u002Fp>\n\u003Cp>Whistleblowing System imply interaction between website visitors and website owner. As such you may publish forms that require input of Private data. You need to get explicit consent from your users to comply with GDPR. Under GDPR your users may request access  and\u002For erasure of their entry data at any time. Here you can find how to export and\u002For delete reports.\u003C\u002Fp>\n\u003Ch3>Notes\u003C\u002Fh3>\n\u003Cp>Whistleblowing system, with the variety of functions, is working to make your experience the best it can be. We’re one of the only form builders around that offers support for all users. With us you can make sure that your forms are safe, anonymous and designed as per your expectations.\u003C\u002Fp>\n\u003Cp>If you have any questions or suggestions, we’re always happy to hear from you. Our dedicated support team will help you with technical questions every Monday to Friday. We are also open for feedback. It helps us see what we lack and which direction to grow towards. It is the key to our success.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwhistleblowing-form.de\u002Fen\u002Fcontact-whistleblowing-system\u002F\" rel=\"nofollow ugc\">Contact us!\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>World Class Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>⏱ Quick responses – typically within a few hours\u003C\u002Fli>\n\u003Cli>🧑‍💻 Resolutions in under 24 hours\u003C\u002Fli>\n\u003Cli>📣 Feedback-driven development\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Have questions or suggestions? Reach us anytime via \u003Ca href=\"https:\u002F\u002Fwhistleblowing-form.de\u002Fen\u002Fcontact-whistleblowing-system\u002F\" rel=\"nofollow ugc\">Contact Page\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Ch4>Deactivation Feedback Endpoint\u003C\u002Fh4>\n\u003Cp>This plugin optionally sends deactivation feedback when the user chooses to submit it during plugin deactivation.\u003Cbr \u002F>\n-Domain: https:\u002F\u002Fwhistleblowing-form.de\u002F\u003Cbr \u002F>\n-Purpose: To receive voluntary plugin deactivation feedback from the admin user.\u003Cbr \u002F>\n-Data Sent:\u003Cbr \u002F>\nAdmin email (or custom email provided in the feedback form)\u003Cbr \u002F>\nSelected deactivation reason\u003Cbr \u002F>\nOptional message entered by the user\u003Cbr \u002F>\nSite URL\u003Cbr \u002F>\n-Conditions:\u003Cbr \u002F>\nData is sent only if the user submits the feedback form.\u003Cbr \u002F>\nNo data is sent when the user clicks “Skip”.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwhistleblowing-form.de\u002Fen\u002Fterms-and-conditions\u002F\" rel=\"nofollow ugc\">Terms and conditions\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwhistleblowing-form.de\u002Fen\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","Create anonymous whistleblowing or standard contact forms with free conditional logic and secure two-way messaging. GDPR-compliant and responsive.",100,9117,1,"2026-03-08T14:13:00.000Z","6.9.4","5.2","7.4",[19,20,21,22,23],"anonymous","form","secure-contact-form","whistleblower","whistleblowing","https:\u002F\u002Fwhistleblowing-form.de","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhistleblowing-system.1.5.0.zip",0,null,"2026-03-15T15:16:48.613Z",[],{"slug":31,"display_name":7,"profile_url":8,"plugin_count":13,"total_installs":11,"avg_security_score":11,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},"pokhar",30,94,"2026-04-05T12:44:31.365Z",[36,59,83,105,123],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":11,"num_ratings":46,"last_updated":47,"tested_up_to":48,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":55,"download_link":56,"security_score":57,"vuln_count":13,"unpatched_count":13,"last_vuln_date":58,"fetched_at":28},"trusty-whistleblowing-solution","Trusty Whistleblowing Solution","1.5.4","Dejan Jasnic","https:\u002F\u002Fprofiles.wordpress.org\u002Ftrustyreport\u002F","\u003Cp>Trusty is an instantly available, customizable and secure web-based whistleblowing solution developed by compliance experts. It is hosted on the virtual server in Germany, complies with the EU and US whistleblowing regulations and supports multiple languages.\u003C\u002Fp>\n\u003Cp>The solution includes the front-end webpages, which are intended for potential whistleblowers. You will receive your individual link to these web pages after signing up. We suggest that you publish the link on your web-site.\u003C\u002Fp>\n\u003Cp>On these webpages whistleblowers can submit reports, enter their inboxes and find answers to the most common questions. When submitting reports, whistleblowers are led through questions, asking them to provide the most relevant information. If you allow for anonymous reporting, whistleblowers do not need to identify themselves to submit their reports.\u003C\u002Fp>\n\u003Cp>Once a report is submitted, an inbox is generated for every whistleblower, so they can stay in touch with you and follow their reports in a secure and confidential way. The log in credentials for the inboxes are shown on the screen so whistleblowers can write them down.\u003C\u002Fp>\n\u003Cp>The solution also includes a powerful case management tool. There, you will be able to categorize the reports, set retention periods, write notes and follow up activities, upload files, securely communicate with whistleblowers and use numerous other features which are intuitive and easy to use.\u003C\u002Fp>\n\u003Cp>Sign up and test it out. No upfront commitments nor credit cards required. Just a couple of minutes of your time.\u003C\u002Fp>\n","Trusty is an instantly available, customizable and secure web-based whistleblowing solution developed by compliance experts.",500,7053,15,"2025-11-19T14:52:00.000Z","6.8.5","5.6","7.1",[52,53,22,23,54],"hinweisgeberlosung","hinweisgebersystem","whistleblowing-solution","https:\u002F\u002Fwww.trusty.report","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftrusty-whistleblowing-solution.1.5.4.zip",78,"2025-06-23 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":69,"num_ratings":70,"last_updated":71,"tested_up_to":72,"requires_at_least":73,"requires_php":74,"tags":75,"homepage":80,"download_link":81,"security_score":82,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"contact-form-newsletter","Fast Secure Contact Form Newsletter","2.1.2","Zack Katz","https:\u002F\u002Fprofiles.wordpress.org\u002Fkatzwebdesign\u002F","\u003Ch3>The Fast Secure Contact Form plugin now has newsletter support\u003C\u002Fh3>\n\u003Cp>The Fast Secure Contact form has \u003Cem>5 million\u003C\u002Fem> downloads, and now — with this add-on plugin — it has easy integration with Constant Contact, the world’s leading email marketing platform!\u003C\u002Fp>\n\u003Ch3>Setting up newsletter integration is simple:\u003C\u002Fh3>\n\u003Ch4>1. Add your Constant Contact username & password. Save the form.\u003C\u002Fh4>\n\u003Ch4>2. Select the lists you want contacts added to. Save the form.\u003C\u002Fh4>\n\u003Ch4>3. There’s no Step 3.\u003C\u002Fh4>\n\u003Cp>Note: The plugin requires PHP 5.2 or higher. Constant Contact offers a free 60 day trial, after which time it is a paid service.\u003C\u002Fp>\n\u003Ch3>What can \u003Ca href=\"http:\u002F\u002Fwordpress.constantcontact.com\" rel=\"nofollow ugc\">Constant Contact\u003C\u002Fa> do for you?\u003C\u002Fh3>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002Fmtls95lAnJ4?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n","Easily add your Fast Secure Contact Form submissions to Constant Contact email marketing lists.",200,37231,74,12,"2014-08-27T01:21:00.000Z","4.0.38","2.8","",[76,77,78,79],"contact-form","contact-forms","fast-secure-contact-form","newsletter","http:\u002F\u002Fwww.katzwebservices.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcontact-form-newsletter.zip",85,{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":91,"downloaded":92,"rating":11,"num_ratings":13,"last_updated":93,"tested_up_to":15,"requires_at_least":94,"requires_php":49,"tags":95,"homepage":101,"download_link":102,"security_score":103,"vuln_count":13,"unpatched_count":26,"last_vuln_date":104,"fetched_at":28},"anonform-embedded-secure-form","ANON::form embedded secure form","1.8","Anonform Ab","https:\u002F\u002Fprofiles.wordpress.org\u002Fanonform\u002F","\u003Cp>This plugin allows you to embed \u003Ca href=\"https:\u002F\u002Fanonform.com\" rel=\"nofollow ugc\">ANON::form’s\u003C\u002Fa> E2EE (End-to-End Encrypted) secure and anonymized web forms into your website with an iframe and with a shortcode.\u003C\u002Fp>\n\u003Cp>The requirements for secure communication with secure forms and storage of sensitive information are steadily increasing, not least from authorities through GDPR and the protection of whistleblowers.\u003C\u002Fp>\n\u003Cp>Something that is often overlooked but directly affected by the new requirements is the web forms used on the web pages and websites to create contact or collect information, with email as transport.\u003C\u002Fp>\n\u003Cp>ANON::form is a complete, easy-to-implement and scalable solution for secure electronic web-based forms that meet all existing requirements for not only security but also anonymity and (un)traceability.\u003C\u002Fp>\n\u003Cp>\u003Ciframe loading=\"lazy\" title=\"Secure & Anonymous Web Forms – Whistleblower, Tip & Contact Forms #Whistleblower #Forms #Privacy\" width=\"563\" height=\"1000\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FIw1BmHT_aO8?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fp>\n\u003Ch4>Create a Whistleblower Channel using secure e-forms\u003C\u002Fh4>\n\u003Cp>ANON::form’s secure and anonymous e-forms meet the requirements of a secure whistleblowing channel. Simple and cost-effective (from €5\u002Fmonth), pay only for what you really need. \u003Ca href=\"https:\u002F\u002Fanonform.com\u002Fcreate-whistleblower-channel-with-wordpress-joomla-or-drupal-for-e5-per-month\u002F\" rel=\"nofollow ugc\">Read more\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>ANON::form is secure and anonymized\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Meets safety requirements\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ANON::form is a service that meets the requirements for security according to the respective standard for:\u003Cbr \u002F>\nEU\u002FGDPR + EU\u002FSchrems II\u003Cbr \u002F>\nCH\u002FrevFADP\u003Cbr \u002F>\nUK\u002FFCA\u003Cbr \u002F>\nUS\u002FSOX\u003Cbr \u002F>\nPCI-DSS + HIPAA + NIST\u003Cbr \u002F>\nand receives the rating A+ from Qualsys SSL Labs and ImmuniWeb.\u003C\u002Fp>\n\u003Cp>ANON::form follows the Zero Trust framework for a secure infrastructure.\u003C\u002Fp>\n\u003Cp>All certificates are encrypted with SHA256\u002FRSA 2048 bits\u002FTLS 1.2 + 1.3.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Meets the requirement for Zero Access Encryption\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ANON::form does not store form data and meets the requirement for Zero Access Encryption, suppliers who receive form data from ANON::form comply with Zero Access Encryption in that all data stored is encrypted via endpoints (E2EE) with personal keys.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Meets the requirement for privacy\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ANON::form fulfills the requirement for anonymity in that no traffic, error or other logs are activated (No-Log Policy), all form data is sent encrypted directly to receiving systems without intermediaries.\u003C\u002Fp>\n\u003Cp>Nothing is saved in the computer or browser by the service, but the use of incognito windows, or even better Tor Browser, is recommended to prevent sensitive data from being saved by the browser’s own functions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Protected against malicious code\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>ANON::form is protected against malicious code by cleaning up all form data before it is processed by the server system. We do not have any online editing of forms, everything is uploaded manually by us after virus and other security checks.\u003C\u002Fp>\n\u003Cp>All services are run on own servers in secure datacenters. The encryption software we use is open source (OpenPGP) which is constantly reviewed by a large community spread all over the world.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Spam protection\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>All forms have Captcha protection against robot-generated spam. The Captcha function is locally installed and does not download anything from external sources such as Google. The forms also support \u003Ca href=\"https:\u002F\u002Fwww.hcaptcha.com\u002F\" rel=\"nofollow ugc\">hCaptcha\u003C\u002Fa>, which offers better spam protection but poorer anonymity through increased traceability.\u003C\u002Fp>\n\u003Ch4>EU\u002FEN 301549 and W3C\u002FWCAG 2.1 AA Compliance\u003C\u002Fh4>\n\u003Cp>All forms meet the accessibility requirements according to EU Directive 2016\u002F2102 and other corresponding directives in different countries according to WCAG 2.0\u002F2.1 AA and associated legislation.\u003C\u002Fp>\n\u003Ch4>Pre-built form templates\u003C\u002Fh4>\n\u003Cp>ANON::form comes with pre-built form templates, both embedded and stand-alone with or whitout attachment, to help you save time. You can add, remove, or re-arrange fields as necessary. Or create special forms for handling sensitive data such as sick leave.\u003C\u002Fp>\n\u003Cp>Pre-built form templates:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Contact form; a standard contact form\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Whistleblower forms; approved for use as a whistleblower channel, can also be used as a tip form for journalists etc\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Tip form; anonymous option for journalists, media and others who want to receive non-whistleblowing tips\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Sick leave form; a simple and quick way to report sickness absence with the mobile phone, pad or computer\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Currently available in 42 languages\u003C\u002Fh4>\n\u003Cp>ANON::form forms support Albanian, Arabic, Bosnian, Bulgarian, Catalan, Croatian, Czech, Danish, Dutch, English, Estonian, Filipino, Finnish, Frensh, German, Greek, Hindi, Hungarian, Icelandic, Indonesian, Irish, Italian, Latvian, Lithuanian, Malay, Maltese, Norwegian, Persian, Polish, Portuguese, Romanian, Russian, Serbian, Slovak, Slovenian, Spanish, Swahili, Swedish, Tamil, Thai, Turkish, Ukrainian\u003C\u002Fp>\n\u003Ch4>Mobile Ready and Optimized for Speed\u003C\u002Fh4>\n\u003Cp>ANON::form forms are 100% responsive and mobile-friendly by default. We also optimized both the frontend and the backend to ensure maximum speed.\u003C\u002Fp>\n\u003Ch4>How to use it\u003C\u002Fh4>\n\u003Cp>ANON::form E2EE forms are web forms where the form data is encrypted in the browser and then sent as email via an encrypted and anonymized channel established by ANON::form’s servers.\u003C\u002Fp>\n\u003Cp>The recipient can be any email client that can decrypt PGP, we recommend a free account with \u003Ca href=\"https:\u002F\u002Fproton.me\u002F\" rel=\"nofollow ugc\">Proton\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fanonform.com\u002Fsecure-forms-for-websites\u002F\" rel=\"nofollow ugc\">Read more\u003C\u002Fa>\u003C\u002Fp>\n","Embed ANON::form's End-to-End Encrypted secure and anonymized web forms into your website with an iframe and a shortcode.",10,2305,"2025-11-28T08:47:00.000Z","5.0",[96,97,98,99,100],"captcha","end-to-end-encryption","gdpr-compliance","secure-form","whistleblower-form","https:\u002F\u002Fanonform.com\u002Fen\u002Fdocs\u002Feasily-embed-with-our-wordpress-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fanonform-embedded-secure-form.1.8.zip",99,"2025-06-19 00:00:00",{"slug":106,"name":107,"version":108,"author":109,"author_profile":110,"description":111,"short_description":112,"active_installs":91,"downloaded":113,"rating":26,"num_ratings":26,"last_updated":114,"tested_up_to":115,"requires_at_least":73,"requires_php":74,"tags":116,"homepage":120,"download_link":121,"security_score":82,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":122},"fep-contact-form","FEP Contact Form","3.2","Shamim Hasan","https:\u002F\u002Fprofiles.wordpress.org\u002Fshamim51\u002F","\u003Cp>FEP Contact Form is a secure contact form to your WordPress site.This can be used with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Ffront-end-pm\u002F\" rel=\"ugc\">Front End PM\u003C\u002Fa> or without.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Admins can set how many messages to show per page in the message box.\u003C\u002Fli>\n\u003Cli>Admins can see all contact message sent to any user.\u003C\u002Fli>\n\u003Cli>Admins can select department and to whom message will be send for that department.\u003C\u002Fli>\n\u003Cli>Manual and AKISMET check of contact message.\u003C\u002Fli>\n\u003Cli>Reply directly to Email address from front end.\u003C\u002Fli>\n\u003Cli>Send Email to any Email address from front end.\u003C\u002Fli>\n\u003Cli>IP, Email blacklist, Whitelist.\u003C\u002Fli>\n\u003Cli>Time delay between two messages send by same user\u002Fvisitor.\u003C\u002Fli>\n\u003C\u002Ful>\n","FEP Contact Form is a secure contact form to your WordPress site.This can be used with Front End PM or without.",3586,"2015-04-23T20:25:00.000Z","4.2.39",[76,117,118,21,119],"email","mail","simple-contact-form","https:\u002F\u002Fshamimbiplob.wordpress.com\u002Fcontact-us\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffep-contact-form.zip","2026-03-15T14:54:45.397Z",{"slug":124,"name":125,"version":126,"author":127,"author_profile":128,"description":129,"short_description":130,"active_installs":91,"downloaded":131,"rating":26,"num_ratings":26,"last_updated":132,"tested_up_to":133,"requires_at_least":134,"requires_php":135,"tags":136,"homepage":141,"download_link":142,"security_score":82,"vuln_count":26,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28},"speedmetriks","SpeedMetriks","1.4.4","bookwyrm","https:\u002F\u002Fprofiles.wordpress.org\u002Fbookwyrm\u002F","\u003Cp>Each visitor to your website will have their own unique device and network connection and will experience the site differently. Some will be fast and others will be slow, but it’s hard to know what their experience is like. Modern browsers record detailed timing information about a visitor’s experience and SpeedMetriks lets you collect that data and save it in your WordPress database so you can get an aggregate view of your visitors’ experiences.\u003C\u002Fp>\n\u003Cp>The data is stored anonymously and there are no third party servers or services involved.\u003C\u002Fp>\n\u003Cp>This initial release will just show \u003Ccode>onDomReady\u003C\u002Fcode> timing data but additional metrics will be added soon.\u003C\u002Fp>\n","A self-contained service to see how visitors experience your site.",1279,"2019-04-25T22:07:00.000Z","5.1.22","4.7","7.0",[137,138,139,140],"anonymous-data","performance","real-user-monitoring","visitor-experience","https:\u002F\u002Fspeedmetriks.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fspeedmetriks.1.4.4.zip",{"attackSurface":144,"codeSignals":237,"taintFlows":317,"riskAssessment":514,"analyzedAt":520},{"hooks":145,"ajaxHandlers":214,"restRoutes":228,"shortcodes":229,"cronEvents":236,"entryPointCount":151,"unprotectedCount":26},[146,152,157,161,166,171,174,177,179,183,185,188,192,196,199,203,207,211],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_footer","closure","admin\\includes\\pro_trial.php",6,{"type":147,"name":153,"callback":154,"file":155,"line":156},"admin_notices","maybe_show_notice","admin\\includes\\rate_notice.php",18,{"type":147,"name":158,"callback":159,"file":155,"line":160},"admin_init","handle_actions",19,{"type":147,"name":162,"callback":163,"file":164,"line":165},"init","wbls_register_form_block","Apps\\blocks.php",49,{"type":147,"name":167,"callback":149,"priority":168,"file":169,"line":170},"wp_footer",5,"frontend\\frontend.php",80,{"type":147,"name":167,"callback":172,"file":169,"line":173},"render_template",135,{"type":147,"name":167,"callback":175,"priority":11,"file":169,"line":176},"print_footer_forms",158,{"type":147,"name":162,"callback":162,"file":178,"line":82},"includes\\class-wbls-whistleblower.php",{"type":147,"name":180,"callback":181,"file":178,"line":182},"plugins_loaded","wbls_plugins_loaded",86,{"type":147,"name":158,"callback":158,"file":178,"line":184},87,{"type":147,"name":186,"callback":186,"file":178,"line":187},"admin_menu",88,{"type":147,"name":189,"callback":190,"file":178,"line":191},"wp_enqueue_scripts","register_frontend_scripts",91,{"type":147,"name":193,"callback":194,"file":178,"line":195},"admin_enqueue_scripts","register_admin_scripts",92,{"type":147,"name":148,"callback":197,"file":178,"line":198},"pro_banner",104,{"type":147,"name":200,"callback":201,"file":178,"line":202},"current_screen","check_plugins_page",110,{"type":147,"name":204,"callback":205,"file":178,"line":206},"wbls_purge_old_logs_event","wbls_purge_old_logs",116,{"type":208,"name":209,"callback":149,"file":178,"line":210},"filter","query_vars",122,{"type":147,"name":212,"callback":149,"file":178,"line":213},"admin_head",738,[215,220,223,225],{"action":216,"nopriv":217,"callback":216,"hasNonce":218,"hasCapCheck":217,"file":178,"line":219},"wbls_admin_ajax",false,true,95,{"action":221,"nopriv":217,"callback":221,"hasNonce":218,"hasCapCheck":217,"file":178,"line":222},"wbls_front_ajax",96,{"action":221,"nopriv":218,"callback":221,"hasNonce":218,"hasCapCheck":217,"file":178,"line":224},97,{"action":226,"nopriv":217,"callback":226,"hasNonce":218,"hasCapCheck":217,"file":178,"line":227},"wbls_send_deactivation_reason",109,[],[230,233],{"tag":231,"callback":232,"file":178,"line":11},"wbls-whistleblower-form","wbls_shortcode",{"tag":234,"callback":232,"file":178,"line":235},"wblsform",101,[],{"dangerousFunctions":238,"sqlUsage":239,"outputEscaping":246,"fileOperations":311,"externalRequests":13,"nonceChecks":312,"capabilityChecks":46,"bundledLibraries":313},[],{"prepared":240,"raw":13,"locations":241},16,[242],{"file":243,"line":244,"context":245},"admin\\controllers\\ControllerSubmissions.php",60,"$wpdb->query() with variable interpolation",{"escaped":247,"rawEcho":248,"locations":249},1204,29,[250,254,256,259,261,263,265,267,270,272,274,276,278,280,282,284,286,288,290,292,294,296,298,300,302,304,306,308,310],{"file":251,"line":252,"context":253},"admin\\includes\\fields_templates.php",151,"raw output",{"file":251,"line":255,"context":253},208,{"file":257,"line":258,"context":253},"admin\\whistleblower_form_edit_page.php",592,{"file":257,"line":260,"context":253},593,{"file":257,"line":262,"context":253},594,{"file":257,"line":264,"context":253},595,{"file":257,"line":266,"context":253},596,{"file":268,"line":269,"context":253},"admin\\whistleblower_submission_edit_page.php",265,{"file":268,"line":271,"context":253},282,{"file":268,"line":273,"context":253},293,{"file":268,"line":275,"context":253},301,{"file":268,"line":277,"context":253},309,{"file":268,"line":279,"context":253},310,{"file":268,"line":281,"context":253},312,{"file":268,"line":283,"context":253},358,{"file":268,"line":285,"context":253},360,{"file":268,"line":287,"context":253},434,{"file":268,"line":289,"context":253},730,{"file":268,"line":291,"context":253},753,{"file":268,"line":293,"context":253},755,{"file":268,"line":295,"context":253},764,{"file":268,"line":297,"context":253},772,{"file":268,"line":299,"context":253},781,{"file":268,"line":301,"context":253},782,{"file":268,"line":303,"context":253},784,{"file":268,"line":305,"context":253},785,{"file":268,"line":307,"context":253},831,{"file":268,"line":309,"context":253},833,{"file":169,"line":273,"context":253},4,21,[314],{"name":315,"version":27,"knownCves":316},"Select2",[],[318,349,363,378,386,397,406,418,426,437,453,469,479,487,503],{"entryPoint":319,"graph":320,"unsanitizedCount":13,"severity":348},"display (admin\\whistleblower_form_edit_page.php:467)",{"nodes":321,"edges":344},[322,327,333,337,341],{"id":323,"type":324,"label":325,"file":257,"line":326},"n0","source","$_GET (x4)",468,{"id":328,"type":329,"label":330,"file":257,"line":331,"wp_function":332},"n1","sink","echo() [XSS]",530,"echo",{"id":334,"type":324,"label":335,"file":257,"line":336},"n2","$_GET",620,{"id":338,"type":339,"label":340,"file":257,"line":336},"n3","transform","→ shortcode_popup()",{"id":342,"type":329,"label":330,"file":257,"line":343,"wp_function":332},"n4",2267,[345,346,347],{"from":323,"to":328,"sanitized":218},{"from":334,"to":338,"sanitized":217},{"from":338,"to":342,"sanitized":217},"medium",{"entryPoint":350,"graph":351,"unsanitizedCount":13,"severity":348},"\u003Cwhistleblower_form_edit_page> (admin\\whistleblower_form_edit_page.php:0)",{"nodes":352,"edges":359},[353,355,356,357,358],{"id":323,"type":324,"label":354,"file":257,"line":326},"$_GET (x10)",{"id":328,"type":329,"label":330,"file":257,"line":331,"wp_function":332},{"id":334,"type":324,"label":335,"file":257,"line":336},{"id":338,"type":339,"label":340,"file":257,"line":336},{"id":342,"type":329,"label":330,"file":257,"line":343,"wp_function":332},[360,361,362],{"from":323,"to":328,"sanitized":218},{"from":334,"to":338,"sanitized":217},{"from":338,"to":342,"sanitized":217},{"entryPoint":364,"graph":365,"unsanitizedCount":26,"severity":377},"wbls_save_settings (admin\\controllers\\Controller.php:364)",{"nodes":366,"edges":375},[367,371],{"id":323,"type":324,"label":368,"file":369,"line":370},"$_POST","admin\\controllers\\Controller.php",369,{"id":328,"type":329,"label":372,"file":369,"line":373,"wp_function":374},"update_option() [Settings Manipulation]",370,"update_option",[376],{"from":323,"to":328,"sanitized":218},"low",{"entryPoint":379,"graph":380,"unsanitizedCount":26,"severity":377},"\u003CController> (admin\\controllers\\Controller.php:0)",{"nodes":381,"edges":384},[382,383],{"id":323,"type":324,"label":368,"file":369,"line":370},{"id":328,"type":329,"label":372,"file":369,"line":373,"wp_function":374},[385],{"from":323,"to":328,"sanitized":218},{"entryPoint":387,"graph":388,"unsanitizedCount":26,"severity":377},"wbls_remove_submission (admin\\controllers\\ControllerSubmissions.php:51)",{"nodes":389,"edges":395},[390,392],{"id":323,"type":324,"label":368,"file":243,"line":391},57,{"id":328,"type":329,"label":393,"file":243,"line":244,"wp_function":394},"query() [SQLi]","query",[396],{"from":323,"to":328,"sanitized":218},{"entryPoint":398,"graph":399,"unsanitizedCount":26,"severity":377},"\u003CControllerSubmissions> (admin\\controllers\\ControllerSubmissions.php:0)",{"nodes":400,"edges":404},[401,403],{"id":323,"type":324,"label":402,"file":243,"line":391},"$_POST (x2)",{"id":328,"type":329,"label":393,"file":243,"line":244,"wp_function":394},[405],{"from":323,"to":328,"sanitized":218},{"entryPoint":407,"graph":408,"unsanitizedCount":26,"severity":377},"handle_actions (admin\\includes\\rate_notice.php:97)",{"nodes":409,"edges":416},[410,412],{"id":323,"type":324,"label":335,"file":155,"line":411},106,{"id":328,"type":329,"label":413,"file":155,"line":414,"wp_function":415},"wp_redirect() [Open Redirect]",107,"wp_redirect",[417],{"from":323,"to":328,"sanitized":218},{"entryPoint":419,"graph":420,"unsanitizedCount":26,"severity":377},"\u003Crate_notice> (admin\\includes\\rate_notice.php:0)",{"nodes":421,"edges":424},[422,423],{"id":323,"type":324,"label":335,"file":155,"line":411},{"id":328,"type":329,"label":413,"file":155,"line":414,"wp_function":415},[425],{"from":323,"to":328,"sanitized":218},{"entryPoint":427,"graph":428,"unsanitizedCount":26,"severity":377},"form_content (admin\\whistleblower_form_edit_page.php:2335)",{"nodes":429,"edges":435},[430,433],{"id":323,"type":324,"label":431,"file":257,"line":432},"$_GET (x2)",2336,{"id":328,"type":329,"label":330,"file":257,"line":434,"wp_function":332},2346,[436],{"from":323,"to":328,"sanitized":218},{"entryPoint":438,"graph":439,"unsanitizedCount":26,"severity":377},"render_page (admin\\whistleblower_logs_page.php:184)",{"nodes":440,"edges":450},[441,444,446],{"id":323,"type":324,"label":335,"file":442,"line":443},"admin\\whistleblower_logs_page.php",194,{"id":328,"type":339,"label":445,"file":442,"line":443},"→ get_logs()",{"id":334,"type":329,"label":447,"file":442,"line":448,"wp_function":449},"get_results() [SQLi]",140,"get_results",[451,452],{"from":323,"to":328,"sanitized":217},{"from":328,"to":334,"sanitized":218},{"entryPoint":454,"graph":455,"unsanitizedCount":26,"severity":377},"\u003Cwhistleblower_logs_page> (admin\\whistleblower_logs_page.php:0)",{"nodes":456,"edges":465},[457,460,462,463,464],{"id":323,"type":324,"label":458,"file":442,"line":459},"$_GET (x3)",191,{"id":328,"type":329,"label":330,"file":442,"line":461,"wp_function":332},389,{"id":334,"type":324,"label":335,"file":442,"line":443},{"id":338,"type":339,"label":445,"file":442,"line":443},{"id":342,"type":329,"label":447,"file":442,"line":448,"wp_function":449},[466,467,468],{"from":323,"to":328,"sanitized":218},{"from":334,"to":338,"sanitized":217},{"from":338,"to":342,"sanitized":218},{"entryPoint":470,"graph":471,"unsanitizedCount":26,"severity":377},"display (admin\\whistleblower_submission_edit_page.php:102)",{"nodes":472,"edges":477},[473,475],{"id":323,"type":324,"label":325,"file":268,"line":474},127,{"id":328,"type":329,"label":330,"file":268,"line":476,"wp_function":332},186,[478],{"from":323,"to":328,"sanitized":218},{"entryPoint":480,"graph":481,"unsanitizedCount":26,"severity":377},"\u003Cwhistleblower_submission_edit_page> (admin\\whistleblower_submission_edit_page.php:0)",{"nodes":482,"edges":485},[483,484],{"id":323,"type":324,"label":325,"file":268,"line":474},{"id":328,"type":329,"label":330,"file":268,"line":476,"wp_function":332},[486],{"from":323,"to":328,"sanitized":218},{"entryPoint":488,"graph":489,"unsanitizedCount":26,"severity":377},"wbls_display (admin\\whistleblower_theme_edit_page.php:33)",{"nodes":490,"edges":500},[491,494,496,498],{"id":323,"type":324,"label":368,"file":492,"line":493},"admin\\whistleblower_theme_edit_page.php",36,{"id":328,"type":329,"label":330,"file":492,"line":495,"wp_function":332},51,{"id":334,"type":324,"label":335,"file":492,"line":497},34,{"id":338,"type":329,"label":330,"file":492,"line":499,"wp_function":332},59,[501,502],{"from":323,"to":328,"sanitized":218},{"from":334,"to":338,"sanitized":218},{"entryPoint":504,"graph":505,"unsanitizedCount":26,"severity":377},"\u003Cwhistleblower_theme_edit_page> (admin\\whistleblower_theme_edit_page.php:0)",{"nodes":506,"edges":511},[507,508,509,510],{"id":323,"type":324,"label":368,"file":492,"line":493},{"id":328,"type":329,"label":330,"file":492,"line":495,"wp_function":332},{"id":334,"type":324,"label":335,"file":492,"line":497},{"id":338,"type":329,"label":330,"file":492,"line":499,"wp_function":332},[512,513],{"from":323,"to":328,"sanitized":218},{"from":334,"to":338,"sanitized":218},{"summary":515,"deductions":516},"The \"whistleblowing-system\" plugin v1.5.0 demonstrates a generally strong security posture, characterized by diligent use of prepared statements for SQL queries and proper output escaping. The presence of numerous nonce and capability checks indicates a good understanding of WordPress security best practices, and the absence of known CVEs or critical taint flows is a significant positive.  However, the static analysis did reveal two flows with unsanitized paths, which, while not classified as critical or high severity by the taint analysis, represent a potential area of concern. The limited attack surface, with all identified entry points possessing authentication checks, further contributes to its relatively secure design. The plugin's lack of a vulnerability history is encouraging but doesn't negate the importance of addressing the identified unsanitized path flows.",[517],{"reason":518,"points":519},"Unsanitized path flows",8,"2026-03-16T20:39:32.184Z",{"wat":522,"direct":528},{"assetPaths":523,"generatorPatterns":525,"scriptPaths":526,"versionParams":527},[524],"\u002Fwp-content\u002Fplugins\u002Fwhistleblowing-system\u002Fadmin\u002Fassets\u002Fimages\u002Fwhistleblowing_logo.png",[],[],[],{"cssClasses":529,"htmlComments":549,"htmlAttributes":550,"restEndpoints":552,"jsGlobals":553,"shortcodeOutput":554},[530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548],"wbls-admin-header","wbls-admin-header-logo","wbls-page-title","wbls-button","wbls-button-add-form","wbls-response-message","wbls-content","wbls-forms-list","wbls-forms-list-row","wbls-forms-list-title","wbls-form-name","wbls-form-author","wbls-form-shortcode","wbls-form-date","wbls-form-type","wbls-row-actions","wbls-duplicate-form","wbls-delete-form","wbls-preview-form",[],[551],"data-id",[],[],[555],"[wblsform id="]