Connect Contact Form 7 and Mailchimp

Connect Contact Form 7 to Mailchimp. Automatically sync form submissions to your Mailchimp audiences with merge field mapping, double opt-in, and opt- …

v0.9.78.05Renzo JohnsonUpdated Added 40k+ installs84% rating0% support resolved
53
Score
236
Errors
52
Warnings
+0
Change

Category Scores

Security29
Repo97
Performance100
Maintainability61

Issues to Review

Prioritized issue groups from the latest Plugin Check scan

288 findings

I18n

226

3 issue groups

Maintainability

46

13 issue groups

Security

15

7 issue groups

Repo Compliance

1

1 issue group

ERRORI18nText Domain MismatchMismatched text domain. Expected 'contact-form-7-mailchimp-extension' but got 'chimpmatic-lite'.215
Category
I18n
Occurrences
215
Severity
error

Sample message

Mismatched text domain. Expected 'contact-form-7-mailchimp-extension' but got 'chimpmatic-lite'.

WARNINGMaintainabilityDirect QueryUse of a direct database call is discouraged.13
Category
Maintainability
Occurrences
13
Severity
warning

Sample message

Use of a direct database call is discouraged.

WARNINGMaintainabilityNo CachingDirect database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().13
Category
Maintainability
Occurrences
13
Severity
warning

Sample message

Direct database call without caching detected. Consider using wp_cache_get() / wp_cache_set() or wp_cache_delete().

ERRORI18nNon Singular String Literal DomainThe $domain parameter must be a single text string literal. Found: self::$text_domain10
Category
I18n
Occurrences
10
Severity
error

Sample message

The $domain parameter must be a single text string literal. Found: self::$text_domain

WARNINGSecurityNonce verification recommendedProcessing form data without nonce verification.6
Category
Security
Occurrences
6
Severity
warning

Sample message

Processing form data without nonce verification.

WARNINGMaintainabilityNon-prefixed constantGlobal constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "SPARTAN_MCE_PLUGIN_BASENAME".5
Category
Maintainability
Occurrences
5
Severity
warning

Sample message

Global constants defined by a theme/plugin should start with the theme/plugin prefix. Found: "SPARTAN_MCE_PLUGIN_BASENAME".

ERRORMaintainabilityfile system operations fcloseFile operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().3
Category
Maintainability
Occurrences
3
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fclose().

WARNINGMaintainabilityerror log error logerror_log() found. Debug code should not normally be used in production.2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

error_log() found. Debug code should not normally be used in production.

ERRORSecurityOutput is not escapedAll output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$attrs_html'.2
Category
Security
Occurrences
2
Severity
error

Sample message

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$attrs_html'.

WARNINGSecurityMissing nonce verificationProcessing form data without nonce verification.2
Category
Security
Occurrences
2
Severity
warning

Sample message

Processing form data without nonce verification.

Show 14 more
WARNINGSecurityInput is not sanitized2
Category
Security
Occurrences
2
Severity
warning

Sample message

Detected usage of a non-sanitized input variable: $_SERVER['HTTP_REFERER']

ERRORMaintainabilityfile system operations fopen2
Category
Maintainability
Occurrences
2
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fopen().

WARNINGMaintainabilityupdate modification detected2
Category
Maintainability
Occurrences
2
Severity
warning

Sample message

Plugin Updater detected. Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins

ERRORMaintainabilityNot Allowed1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Use of heredoc syntax (<<<) is not allowed; use standard strings or inline HTML instead

WARNINGMaintainabilityShort URL found1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Short URL detected (bit.ly). Use full URLs instead of URL shorteners.

WARNINGSecurityInterpolated SQL is not prepared1
Category
Security
Occurrences
1
Severity
warning

Sample message

Use placeholders and $wpdb-&gt;prepare(); found interpolated variable {$placeholders} at &quot;SELECT option_name, option_value FROM {$wpdb-&gt;options} WHERE option_name IN ({$placeholders})&quot;

ERRORSecuritySQL query is not prepared1
Category
Security
Occurrences
1
Severity
error

Sample message

Use placeholders and $wpdb->prepare(); found $query

WARNINGSecurityUnfinished Prepare1
Category
Security
Occurrences
1
Severity
warning

Sample message

Replacement variables found, but no valid placeholders found in the query.

WARNINGMaintainabilityNon-prefixed function1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

Functions declared in the global namespace by a theme/plugin should start with the theme/plugin prefix. Found: &quot;mce_get_cmatic&quot;.

ERRORMaintainabilityfile system operations fread1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

File operations should use WP_Filesystem methods instead of direct PHP filesystem calls. Found: fread().

ERRORMaintainabilityplugin updater detected1
Category
Maintainability
Occurrences
1
Severity
error

Sample message

Plugin Updater detected. These are not permitted in WordPress.org hosted plugins. Detected: site_transient_update_plugins

WARNINGRepo Compliancereadme parser warnings trimmed short description1
Category
Repo Compliance
Occurrences
1
Severity
warning

Sample message

The "Short Description" section is too long and was truncated. A maximum of 150 characters is supported.

WARNINGI18ntextdomain mismatch1
Category
I18n
Occurrences
1
Severity
warning

Sample message

The "Text Domain" header in the plugin file does not match the slug. Found "chimpmatic-lite", expected "contact-form-7-mailchimp-extension".

WARNINGMaintainabilitytrademarked term1
Category
Maintainability
Occurrences
1
Severity
warning

Sample message

The plugin slug includes a restricted term. Your plugin slug - "contact-form-7-mailchimp-extension" - contains the restricted term "contact-form-7" and cannot be used to begin your plugin slug. We disallow the use of certain terms in ways that are abused, or potentially infringe on and/or are misleading with regards to trademarks. You may use the term "contact-form-7" elsewhere in your plugin slug, such as "... for contact-form-7".

External Connections

Potential connections found in static code analysis.

8 domains

Outbound calls

116

External assets

0

Incoming endpoints

0

Notable Domains

renzojohnson.com90 · outbound
chimpmatic.com9 · outbound
api.chimpmatic.com3 · outbound
signls.dev3 · outbound
bit.ly1 · outbound

Platform / Reference Domains

w3.org7 · platform/reference
wordpress.org2 · platform/reference
gnu.org1 · platform/reference

External Asset Domains

No external asset domains detected.

Incoming Endpoints

No public endpoints detected.

Score History

2 score snapshots

+0
1007550250Jun 20, 2026, 02:14 AM UTC Score 53/100 Plugin v0.9.78.04 Plugin Check 2.0.0 236 errors, 52 warningsJun 25, 2026, 12:27 AM UTC Score 53/100 Plugin v0.9.78.05 Plugin Check 2.0.0 236 errors, 52 warningsJun 20, 2026Jun 25, 2026

v0.9.78.05

53

Latest

Findings
288
Errors
236
Warnings
52
Check
2.0.0

v0.9.78.04

53

Score

Findings
288
Errors
236
Warnings
52
Check
2.0.0

Relationship Map

Author, categories, issues, domains, and nearby plugins.

34 nodes

Related Plugins