All posts by Takayuki Miyoshi

Customizing Stripe payment parameters

Stripe‘s payment parameters, such as the currency or the amount of money, are decided by the [stripe] form-tag placed in the form template. You might want to customize the parameters by changing them dynamically based on the user’s selection or some sort of calculation.

You can do it by using the wpcf7_stripe_payment_intent_parameters filter hook like in the following coding example:

Continue reading Customizing Stripe payment parameters

Avast security alert

In the past few hours a lot of Contact Form 7 users have reported that their security tools provided by Avast Software have given a security alert about Contact Form 7. In particular, the alert says it has found a Trojan Horse in one of the script files in the Contact Form 7 package.

I have confirmed no such malware exists in Contact Form 7, so I believe that it is probably a false alarm. So far we haven’t received any information from Avast about this case.

I’ll update this post when there is new information.

Contact Form 7 5.4.1

Contact Form 7 5.4.1 is now available. This is a maintenance release that includes several improvements and bug fixes.

Since the release of Contact Form 7 5.4 last February, a lot of problems have been reported and most of them have turned out to be caused by interference from other plugins or the theme used on the site.

Although fundamental solutions can be provided only by developers of the third-party plugins and themes, by updating to 5.4.1 you will be able to mitigate the problems.

Continue reading Contact Form 7 5.4.1

Contact Form 7 5.4 Beta

The next major update, Contact Form 7 version 5.4, is scheduled to be released on February 24. Since 5.4 brings unusually large changes, I have decided to have a beta testing period of a few weeks before the live release.

You can download a copy of the beta version plugin package from the GitHub repository. If you find any bugs, please report back to us by creating an issue on GitHub.

If you find an add-on plugin you use doesn’t work correctly with Contact Form 7 5.4, then please report the issue to the developer of that plugin, not to us. We cannot take any responsibility with regards to 3rd-party products.

Continue reading Contact Form 7 5.4 Beta

Contact Form 7 5.3.2

Contact Form 7 5.3.2 has been released. This is an urgent security and maintenance release. We strongly encourage you to update to it immediately.

An unrestricted file upload vulnerability has been found in Contact Form 7 5.3.1 and older versions. Utilizing this vulnerability, a form submitter can bypass Contact Form 7’s filename sanitization, and upload a file which can be executed as a script file on the host server. This issue has been reported by Jinson Varghese Behanan from Astra Security.

Continue reading Contact Form 7 5.3.2

Call for Sendinblue module beta testers

The Sendinblue integration module for Contact Form 7 is under development. We plan to include this module into Contact Form 7 5.4, which will be released next February.

Are you interested in being one of the initial stage users of the module? We call for volunteer beta testers to try this module on their websites and report issues if they find bugs or room for improvement.

If it is OK for you to become a beta tester, please refer to the instructions on the GitHub repository page and download a plugin package for the module.