As you may already know, Google has a plan to make all reCAPTCHA users migrate to reCAPTCHA Enterprise on Google Cloud by the end of 2025. This means a cost increase for many users. I’m writing this post to provide you with a heads-up about this move.
Continue reading Our future plans for CAPTCHAsCategory Archives: Announcement
Complete removal of Constant Contact integration
The Constant Contact integration is currently marked as deprecated; you get a warning on admin screens if you use it, but the feature itself is still available and works as before. However, since we plan to completely remove this module from Contact Form 7 at some point in 2025, you are advised to stop using it as soon as possible. If you look for an alternative service, we recommend Brevo.
Say no to malicious add-ons
Twelve years ago, I posted to my personal blog an article titled Free Plugin Declaration: Contact Form 7 is Free. In that post, I praised the WordPress community and its open-source spirit, and swore that I would keep the Contact Form 7 plugin available free forever. Since then, my faith in the belief that WordPress plugins should be available for free has not wavered at all.
Continue reading Say no to malicious add-onsConsistent handling policy of surrounding whitespaces
On its user input validation, Contact Form 7 has basically emulated the HTML specification and major browser implementations. However, there is a problem. They don’t handle surrounding whitespaces in a consistent way.
Continue reading Consistent handling policy of surrounding whitespacesAvast false alarm again
Today I saw a lot of Contact Form 7 users reporting that the security software they use had detected a Trojan Horse in a script file in the Contact Form 7 package. I scanned the reported file on the WordPress.org plugin directory and found no problem, so I concluded that this is a false alarm.
The security software is provided by Avast Software. According to the reports from users, several other security applications from Avast’s group of companies showed the same alert. Avast is known to have caused a similar false alarm case that happened in 2021.
We end the Constant Contact integration.
We marked the feature of the Constant Contact integration as deprecated. This means we no longer recommend that our users use it. Exposure of the feature will be decreased in stages. While we guarantee that security updates and a minimum level of user support for this feature will be continued until the end of 2024, we will no longer invest in it.
Continue reading We end the Constant Contact integration.About our WordPress/PHP support policy
From the next major release, Contact Form 7 will employ a new policy on support for old WordPress and PHP versions. In this policy, the plugin supports:
- WordPress: The second latest major version (at the time of the plugin’s major release) and greater.
- PHP: Versions recommended by the second latest major version of WordPress.
We recommend Kinsta hosting.
You may realize that performance on this site is better than before. You are right. We migrated this site to Kinsta hosting. Not only better performance, but we achieved a significant cost reduction ($6,624/year => $2,250/year).
Continue reading We recommend Kinsta hosting.Avast security alert
In the past few hours a lot of Contact Form 7 users have reported that their security tools provided by Avast Software have given a security alert about Contact Form 7. In particular, the alert says it has found a Trojan Horse in one of the script files in the Contact Form 7 package.
I have confirmed no such malware exists in Contact Form 7, so I believe that it is probably a false alarm. So far we haven’t received any information from Avast about this case.
I’ll update this post when there is new information.
Call for Sendinblue module beta testers
The Sendinblue integration module for Contact Form 7 is under development. We plan to include this module into Contact Form 7 5.4, which will be released next February.
Are you interested in being one of the initial stage users of the module? We call for volunteer beta testers to try this module on their websites and report issues if they find bugs or room for improvement.
If it is OK for you to become a beta tester, please refer to the instructions on the GitHub repository page and download a plugin package for the module.