Twelve years ago, I posted to my personal blog an article titled Free Plugin Declaration: Contact Form 7 is Free. In that post, I praised the WordPress community and its open-source spirit, and swore that I would keep the Contact Form 7 plugin available free forever. Since then, my faith in the belief that WordPress plugins should be available for free has not wavered at all.
Continue reading Say no to malicious add-onsCategory Archives: Announcement
Consistent handling policy of surrounding whitespaces
On its user input validation, Contact Form 7 has basically emulated the HTML specification and major browser implementations. However, there is a problem. They don’t handle surrounding whitespaces in a consistent way.
Continue reading Consistent handling policy of surrounding whitespacesAvast false alarm again
Today I saw a lot of Contact Form 7 users reporting that the security software they use had detected a Trojan Horse in a script file in the Contact Form 7 package. I scanned the reported file on the WordPress.org plugin directory and found no problem, so I concluded that this is a false alarm.
The security software is provided by Avast Software. According to the reports from users, several other security applications from Avast’s group of companies showed the same alert. Avast is known to have caused a similar false alarm case that happened in 2021.
We end the Constant Contact integration.
We marked the feature of the Constant Contact integration as deprecated. This means we no longer recommend that our users use it. Exposure of the feature will be decreased in stages. While we guarantee that security updates and a minimum level of user support for this feature will be continued until the end of 2024, we will no longer invest in it.
Continue reading We end the Constant Contact integration.About our WordPress/PHP support policy
From the next major release, Contact Form 7 will employ a new policy on support for old WordPress and PHP versions. In this policy, the plugin supports:
- WordPress: The second latest major version (at the time of the plugin’s major release) and greater.
- PHP: Versions recommended by the second latest major version of WordPress.
We recommend Kinsta hosting.
You may realize that performance on this site is better than before. You are right. We migrated this site to Kinsta hosting. Not only better performance, but we achieved a significant cost reduction ($6,624/year => $2,250/year).
Continue reading We recommend Kinsta hosting.Avast security alert
In the past few hours a lot of Contact Form 7 users have reported that their security tools provided by Avast Software have given a security alert about Contact Form 7. In particular, the alert says it has found a Trojan Horse in one of the script files in the Contact Form 7 package.
I have confirmed no such malware exists in Contact Form 7, so I believe that it is probably a false alarm. So far we haven’t received any information from Avast about this case.
I’ll update this post when there is new information.
Call for Sendinblue module beta testers
The Sendinblue integration module for Contact Form 7 is under development. We plan to include this module into Contact Form 7 5.4, which will be released next February.
Are you interested in being one of the initial stage users of the module? We call for volunteer beta testers to try this module on their websites and report issues if they find bugs or room for improvement.
If it is OK for you to become a beta tester, please refer to the instructions on the GitHub repository page and download a plugin package for the module.
Heads-up about auto-updates
WordPress 5.5 has introduced the auto-update feature for plugins and themes. Keeping plugins and themes updated to the latest version is a key factor in managing your WordPress site securely. We strongly recommend you enable auto-updates for the Contact Form 7 plugin, but you should also be aware that there are risks involved in the use of auto-updates.
Continue reading Heads-up about auto-updatesDevelopment moves to GitHub
The development repository of Contact Form 7 has moved to GitHub. The GitHub repository lets you:
- Browse the code in development branches;
- Trace back through the development logs;
- Contribute to the development by reporting issues and making pull requests;
- And more!
The release repository will continue to be on the WordPress.org Plugin Directory’s SVN-based system as before.