I have recently released Contact Form 7 3.3.1. This update includes several security fixes, so upgrading quickly is highly recommended.
» Download Contact Form 7 plugin from WordPress.org
Change Log
- Fixed: Apply
esc_html()
to response outputs. In the case it is necessary to use HTML tags in the response messages, newwpcf7_form_response_output
filter is available. - Fixed: Don’t use
$_POST
for internal data passing. Use global$wpcf7
variable instead. - Fixed: Treat array value correctly in the Akismet module.
- Fixed: Escape outputs of
[_user_agent]
spacial mail tags used in the HTML mode. - Fixed: Don’t show the notice about conflicting with Jetpack to new users who rarely see such conflicts.
- The jQuery Form Plugin (jquery.form.js) has been updated to 3.18.
- Translations for
Danish (Georg S. Adamsen) and
Finnish (Jani Alha) have been updated.