Fix: Fixed a type-o in nonce verification where it compared the value against 0 instead of 1, see support thread.
5.0.4
Release Date: 01/01/2026
Security: Addressed security vulnerability CVE-2025-13146 responsibly reported by NosleeP++ to Wordfence. Thank you NosleeP++! The JavaScript Fetch/AJAX request now includes nonce verification.
5.0.3
Fix: Moved settings translations to load as needed instead of immediately hoping to address the Function _load_textdomain_just_in_time was called incorrectly notice added in WordPress core version 6.7, see support thread.
5.0.2
Security: Addressed security vulnerability responsibly reported by Rafie Muhammad to Patchstack.
5.0.1
Fix: updated the wpcf7dtx_format_atts() function to only include attributes with string values if the string exists to avoid adding empty attributes like id where they are supposed to be unique, see support thread.
Update: updated getting dynamic attributes to be more consistent across handler functions.
Fix: Marked compatible with WordPress core version 6.7.
5.0.0
Update: The form tag generator has been upgraded to version 2 to be compatible with version 6.0 of Contact Form 7. Related prefixed functions have been replaced with a class. See support thread.
