Category Archives: Announcement

Say no to malicious add-ons

Twelve years ago, I posted to my personal blog an article titled Free Plugin Declaration: Contact Form 7 is Free. In that post, I praised the WordPress community and its open-source spirit, and swore that I would keep the Contact Form 7 plugin available free forever. Since then, my faith in the belief that WordPress plugins should be available for free has not wavered at all.

Continue reading Say no to malicious add-ons

Avast false alarm again

Today I saw a lot of Contact Form 7 users reporting that the security software they use had detected a Trojan Horse in a script file in the Contact Form 7 package. I scanned the reported file on the WordPress.org plugin directory and found no problem, so I concluded that this is a false alarm.

The security software is provided by Avast Software. According to the reports from users, several other security applications from Avast’s group of companies showed the same alert. Avast is known to have caused a similar false alarm case that happened in 2021.

We end the Constant Contact integration.

We marked the feature of the Constant Contact integration as deprecated. This means we no longer recommend that our users use it. Exposure of the feature will be decreased in stages. While we guarantee that security updates and a minimum level of user support for this feature will be continued until the end of 2024, we will no longer invest in it.

Continue reading We end the Constant Contact integration.

Avast security alert

In the past few hours a lot of Contact Form 7 users have reported that their security tools provided by Avast Software have given a security alert about Contact Form 7. In particular, the alert says it has found a Trojan Horse in one of the script files in the Contact Form 7 package.

I have confirmed no such malware exists in Contact Form 7, so I believe that it is probably a false alarm. So far we haven’t received any information from Avast about this case.

I’ll update this post when there is new information.

Call for Sendinblue module beta testers

The Sendinblue integration module for Contact Form 7 is under development. We plan to include this module into Contact Form 7 5.4, which will be released next February.

Are you interested in being one of the initial stage users of the module? We call for volunteer beta testers to try this module on their websites and report issues if they find bugs or room for improvement.

If it is OK for you to become a beta tester, please refer to the instructions on the GitHub repository page and download a plugin package for the module.